Description
ELSA-2023-28765: cross-gcc security update (LOW)
[12.1.1-2.0.4]
- CVE-2023-4039 mitigation. Orabug 35752028.
- Reviewed-by: Jose E. Marchesi jose.marchesi@oracle.com
Updated packages
Oracle Linux 8
Oracle Linux aarch64
cross-gcc-common 12.1.1-2.0.4.el8
gcc-aarch64-linux-gnu 12.1.1-2.0.4.el8
gcc-alpha-linux-gnu 12.1.1-2.0.4.el8
gcc-arc-linux-gnu 12.1.1-2.0.4.el8
gcc-arm-linux-gnu 12.1.1-2.0.4.el8
gcc-avr32-linux-gnu 12.1.1-2.0.4.el8
gcc-bfin-linux-gnu 12.1.1-2.0.4.el8
gcc-bpf-unknown-none 12.1.1-2.0.4.el8
gcc-c++-aarch64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-alpha-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-arc-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-arm-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-avr32-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-bfin-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-bpf-unknown-none 12.1.1-2.0.4.el8
gcc-c++-c6x-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-frv-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-h8300-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-hppa-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-hppa64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-ia64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-m68k-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-microblaze-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-mips64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-mn10300-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-nios2-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-openrisc-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-powerpc64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-powerpc64le-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-ppc64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-ppc64le-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-riscv64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-s390x-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-sparc64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-tile-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-x86_64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-xtensa-linux-gnu 12.1.1-2.0.4.el8
gcc-c6x-linux-gnu 12.1.1-2.0.4.el8
gcc-frv-linux-gnu 12.1.1-2.0.4.el8
gcc-h8300-linux-gnu 12.1.1-2.0.4.el8
gcc-hppa-linux-gnu 12.1.1-2.0.4.el8
gcc-hppa64-linux-gnu 12.1.1-2.0.4.el8
gcc-ia64-linux-gnu 12.1.1-2.0.4.el8
gcc-m68k-linux-gnu 12.1.1-2.0.4.el8
gcc-microblaze-linux-gnu 12.1.1-2.0.4.el8
gcc-mips64-linux-gnu 12.1.1-2.0.4.el8
gcc-mn10300-linux-gnu 12.1.1-2.0.4.el8
gcc-nios2-linux-gnu 12.1.1-2.0.4.el8
gcc-openrisc-linux-gnu 12.1.1-2.0.4.el8
gcc-powerpc64-linux-gnu 12.1.1-2.0.4.el8
gcc-powerpc64le-linux-gnu 12.1.1-2.0.4.el8
gcc-ppc64-linux-gnu 12.1.1-2.0.4.el8
gcc-ppc64le-linux-gnu 12.1.1-2.0.4.el8
gcc-riscv64-linux-gnu 12.1.1-2.0.4.el8
gcc-s390x-linux-gnu 12.1.1-2.0.4.el8
gcc-sparc64-linux-gnu 12.1.1-2.0.4.el8
gcc-tile-linux-gnu 12.1.1-2.0.4.el8
gcc-x86_64-linux-gnu 12.1.1-2.0.4.el8
gcc-xtensa-linux-gnu 12.1.1-2.0.4.el8
Oracle Linux x86_64
cross-gcc-common 12.1.1-2.0.4.el8
gcc-aarch64-linux-gnu 12.1.1-2.0.4.el8
gcc-alpha-linux-gnu 12.1.1-2.0.4.el8
gcc-arc-linux-gnu 12.1.1-2.0.4.el8
gcc-arm-linux-gnu 12.1.1-2.0.4.el8
gcc-avr32-linux-gnu 12.1.1-2.0.4.el8
gcc-bfin-linux-gnu 12.1.1-2.0.4.el8
gcc-bpf-unknown-none 12.1.1-2.0.4.el8
gcc-c++-aarch64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-alpha-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-arc-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-arm-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-avr32-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-bfin-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-bpf-unknown-none 12.1.1-2.0.4.el8
gcc-c++-c6x-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-frv-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-h8300-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-hppa-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-hppa64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-ia64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-m68k-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-microblaze-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-mips64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-mn10300-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-nios2-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-openrisc-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-powerpc64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-powerpc64le-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-ppc64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-ppc64le-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-riscv64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-s390x-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-sparc64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-tile-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-x86_64-linux-gnu 12.1.1-2.0.4.el8
gcc-c++-xtensa-linux-gnu 12.1.1-2.0.4.el8
gcc-c6x-linux-gnu 12.1.1-2.0.4.el8
gcc-frv-linux-gnu 12.1.1-2.0.4.el8
gcc-h8300-linux-gnu 12.1.1-2.0.4.el8
gcc-hppa-linux-gnu 12.1.1-2.0.4.el8
gcc-hppa64-linux-gnu 12.1.1-2.0.4.el8
gcc-ia64-linux-gnu 12.1.1-2.0.4.el8
gcc-m68k-linux-gnu 12.1.1-2.0.4.el8
gcc-microblaze-linux-gnu 12.1.1-2.0.4.el8
gcc-mips64-linux-gnu 12.1.1-2.0.4.el8
gcc-mn10300-linux-gnu 12.1.1-2.0.4.el8
gcc-nios2-linux-gnu 12.1.1-2.0.4.el8
gcc-openrisc-linux-gnu 12.1.1-2.0.4.el8
gcc-powerpc64-linux-gnu 12.1.1-2.0.4.el8
gcc-powerpc64le-linux-gnu 12.1.1-2.0.4.el8
gcc-ppc64-linux-gnu 12.1.1-2.0.4.el8
gcc-ppc64le-linux-gnu 12.1.1-2.0.4.el8
gcc-riscv64-linux-gnu 12.1.1-2.0.4.el8
gcc-s390x-linux-gnu 12.1.1-2.0.4.el8
gcc-sparc64-linux-gnu 12.1.1-2.0.4.el8
gcc-tile-linux-gnu 12.1.1-2.0.4.el8
gcc-x86_64-linux-gnu 12.1.1-2.0.4.el8
gcc-xtensa-linux-gnu 12.1.1-2.0.4.el8
Oracle Linux 9
Oracle Linux aarch64
cross-gcc-common 12.1.1-2.0.4.el9
gcc-aarch64-linux-gnu 12.1.1-2.0.4.el9
gcc-alpha-linux-gnu 12.1.1-2.0.4.el9
gcc-arc-linux-gnu 12.1.1-2.0.4.el9
gcc-arm-linux-gnu 12.1.1-2.0.4.el9
gcc-avr32-linux-gnu 12.1.1-2.0.4.el9
gcc-bfin-linux-gnu 12.1.1-2.0.4.el9
gcc-bpf-unknown-none 12.1.1-2.0.4.el9
gcc-c++-aarch64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-alpha-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-arc-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-arm-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-avr32-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-bfin-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-bpf-unknown-none 12.1.1-2.0.4.el9
gcc-c++-c6x-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-frv-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-h8300-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-hppa-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-hppa64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-ia64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-m68k-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-microblaze-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-mips64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-mn10300-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-nios2-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-openrisc-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-powerpc64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-powerpc64le-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-ppc64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-ppc64le-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-riscv64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-s390x-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-sparc64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-tile-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-x86_64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-xtensa-linux-gnu 12.1.1-2.0.4.el9
gcc-c6x-linux-gnu 12.1.1-2.0.4.el9
gcc-frv-linux-gnu 12.1.1-2.0.4.el9
gcc-h8300-linux-gnu 12.1.1-2.0.4.el9
gcc-hppa-linux-gnu 12.1.1-2.0.4.el9
gcc-hppa64-linux-gnu 12.1.1-2.0.4.el9
gcc-ia64-linux-gnu 12.1.1-2.0.4.el9
gcc-m68k-linux-gnu 12.1.1-2.0.4.el9
gcc-microblaze-linux-gnu 12.1.1-2.0.4.el9
gcc-mips64-linux-gnu 12.1.1-2.0.4.el9
gcc-mn10300-linux-gnu 12.1.1-2.0.4.el9
gcc-nios2-linux-gnu 12.1.1-2.0.4.el9
gcc-openrisc-linux-gnu 12.1.1-2.0.4.el9
gcc-powerpc64-linux-gnu 12.1.1-2.0.4.el9
gcc-powerpc64le-linux-gnu 12.1.1-2.0.4.el9
gcc-ppc64-linux-gnu 12.1.1-2.0.4.el9
gcc-ppc64le-linux-gnu 12.1.1-2.0.4.el9
gcc-riscv64-linux-gnu 12.1.1-2.0.4.el9
gcc-s390x-linux-gnu 12.1.1-2.0.4.el9
gcc-sparc64-linux-gnu 12.1.1-2.0.4.el9
gcc-tile-linux-gnu 12.1.1-2.0.4.el9
gcc-x86_64-linux-gnu 12.1.1-2.0.4.el9
gcc-xtensa-linux-gnu 12.1.1-2.0.4.el9
Oracle Linux x86_64
cross-gcc-common 12.1.1-2.0.4.el9
gcc-aarch64-linux-gnu 12.1.1-2.0.4.el9
gcc-alpha-linux-gnu 12.1.1-2.0.4.el9
gcc-arc-linux-gnu 12.1.1-2.0.4.el9
gcc-arm-linux-gnu 12.1.1-2.0.4.el9
gcc-avr32-linux-gnu 12.1.1-2.0.4.el9
gcc-bfin-linux-gnu 12.1.1-2.0.4.el9
gcc-bpf-unknown-none 12.1.1-2.0.4.el9
gcc-c++-aarch64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-alpha-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-arc-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-arm-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-avr32-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-bfin-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-bpf-unknown-none 12.1.1-2.0.4.el9
gcc-c++-c6x-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-frv-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-h8300-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-hppa-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-hppa64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-ia64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-m68k-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-microblaze-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-mips64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-mn10300-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-nios2-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-openrisc-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-powerpc64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-powerpc64le-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-ppc64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-ppc64le-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-riscv64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-s390x-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-sparc64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-tile-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-x86_64-linux-gnu 12.1.1-2.0.4.el9
gcc-c++-xtensa-linux-gnu 12.1.1-2.0.4.el9
gcc-c6x-linux-gnu 12.1.1-2.0.4.el9
gcc-frv-linux-gnu 12.1.1-2.0.4.el9
gcc-h8300-linux-gnu 12.1.1-2.0.4.el9
gcc-hppa-linux-gnu 12.1.1-2.0.4.el9
gcc-hppa64-linux-gnu 12.1.1-2.0.4.el9
gcc-ia64-linux-gnu 12.1.1-2.0.4.el9
gcc-m68k-linux-gnu 12.1.1-2.0.4.el9
gcc-microblaze-linux-gnu 12.1.1-2.0.4.el9
gcc-mips64-linux-gnu 12.1.1-2.0.4.el9
gcc-mn10300-linux-gnu 12.1.1-2.0.4.el9
gcc-nios2-linux-gnu 12.1.1-2.0.4.el9
gcc-openrisc-linux-gnu 12.1.1-2.0.4.el9
gcc-powerpc64-linux-gnu 12.1.1-2.0.4.el9
gcc-powerpc64le-linux-gnu 12.1.1-2.0.4.el9
gcc-ppc64-linux-gnu 12.1.1-2.0.4.el9
gcc-ppc64le-linux-gnu 12.1.1-2.0.4.el9
gcc-riscv64-linux-gnu 12.1.1-2.0.4.el9
gcc-s390x-linux-gnu 12.1.1-2.0.4.el9
gcc-sparc64-linux-gnu 12.1.1-2.0.4.el9
gcc-tile-linux-gnu 12.1.1-2.0.4.el9
gcc-x86_64-linux-gnu 12.1.1-2.0.4.el9
gcc-xtensa-linux-gnu 12.1.1-2.0.4.el9
Related CVEs
Related vulnerabilities
**DISPUTED** A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.