SUSE-SU-2023:3640-1

Published: 18 Sep 2023
Source: suse-cvrf

Description

Security update for gcc12

This update for gcc12 fixes the following issues:

  • CVE-2023-4039: Fixed incorrect stack protector for C99 VLAs on Aarch64 (bsc#1214052).

Package list

Container suse/ltss/sle12.5/sles12sp5:latest
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Container suse/sles12sp5:latest
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-Azure-BYOS
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-Azure-Basic-On-Demand
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-Azure-HPC-BYOS
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-Azure-HPC-On-Demand
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-Azure-SAP-BYOS
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-Azure-SAP-On-Demand
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-Azure-Standard-On-Demand
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-EC2-BYOS
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-EC2-ECS-On-Demand
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-EC2-On-Demand
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-EC2-SAP-BYOS
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-EC2-SAP-On-Demand
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-GCE-BYOS
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-GCE-On-Demand
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-GCE-SAP-BYOS
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-GCE-SAP-On-Demand
libgcc_s1-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libatomic1-12.3.0+git1204-1.13.1
libgcc_s1-12.3.0+git1204-1.13.1
libgomp1-12.3.0+git1204-1.13.1
libitm1-12.3.0+git1204-1.13.1
liblsan0-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libatomic1-12.3.0+git1204-1.13.1
libgcc_s1-12.3.0+git1204-1.13.1
libgomp1-12.3.0+git1204-1.13.1
libitm1-12.3.0+git1204-1.13.1
liblsan0-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
SUSE Linux Enterprise Module for Toolchain 12
cpp12-12.3.0+git1204-1.13.1
cross-nvptx-gcc12-12.3.0+git1204-1.13.1
cross-nvptx-newlib12-devel-12.3.0+git1204-1.13.1
gcc12-12.3.0+git1204-1.13.1
gcc12-32bit-12.3.0+git1204-1.13.1
gcc12-PIE-12.3.0+git1204-1.13.1
gcc12-c++-12.3.0+git1204-1.13.1
gcc12-c++-32bit-12.3.0+git1204-1.13.1
gcc12-fortran-12.3.0+git1204-1.13.1
gcc12-fortran-32bit-12.3.0+git1204-1.13.1
gcc12-info-12.3.0+git1204-1.13.1
gcc12-locale-12.3.0+git1204-1.13.1
libstdc++6-devel-gcc12-12.3.0+git1204-1.13.1
libstdc++6-devel-gcc12-32bit-12.3.0+git1204-1.13.1
SUSE Linux Enterprise Server 12 SP5
libasan8-12.3.0+git1204-1.13.1
libasan8-32bit-12.3.0+git1204-1.13.1
libatomic1-12.3.0+git1204-1.13.1
libatomic1-32bit-12.3.0+git1204-1.13.1
libgcc_s1-12.3.0+git1204-1.13.1
libgcc_s1-32bit-12.3.0+git1204-1.13.1
libgfortran5-12.3.0+git1204-1.13.1
libgfortran5-32bit-12.3.0+git1204-1.13.1
libgomp1-12.3.0+git1204-1.13.1
libgomp1-32bit-12.3.0+git1204-1.13.1
libhwasan0-12.3.0+git1204-1.13.1
libitm1-12.3.0+git1204-1.13.1
libitm1-32bit-12.3.0+git1204-1.13.1
liblsan0-12.3.0+git1204-1.13.1
libobjc4-12.3.0+git1204-1.13.1
libobjc4-32bit-12.3.0+git1204-1.13.1
libquadmath0-12.3.0+git1204-1.13.1
libquadmath0-32bit-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
libstdc++6-32bit-12.3.0+git1204-1.13.1
libstdc++6-locale-12.3.0+git1204-1.13.1
libstdc++6-pp-12.3.0+git1204-1.13.1
libstdc++6-pp-32bit-12.3.0+git1204-1.13.1
libtsan2-12.3.0+git1204-1.13.1
libubsan1-12.3.0+git1204-1.13.1
libubsan1-32bit-12.3.0+git1204-1.13.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libasan8-12.3.0+git1204-1.13.1
libasan8-32bit-12.3.0+git1204-1.13.1
libatomic1-12.3.0+git1204-1.13.1
libatomic1-32bit-12.3.0+git1204-1.13.1
libgcc_s1-12.3.0+git1204-1.13.1
libgcc_s1-32bit-12.3.0+git1204-1.13.1
libgfortran5-12.3.0+git1204-1.13.1
libgfortran5-32bit-12.3.0+git1204-1.13.1
libgomp1-12.3.0+git1204-1.13.1
libgomp1-32bit-12.3.0+git1204-1.13.1
libhwasan0-12.3.0+git1204-1.13.1
libitm1-12.3.0+git1204-1.13.1
libitm1-32bit-12.3.0+git1204-1.13.1
liblsan0-12.3.0+git1204-1.13.1
libobjc4-12.3.0+git1204-1.13.1
libobjc4-32bit-12.3.0+git1204-1.13.1
libquadmath0-12.3.0+git1204-1.13.1
libquadmath0-32bit-12.3.0+git1204-1.13.1
libstdc++6-12.3.0+git1204-1.13.1
libstdc++6-32bit-12.3.0+git1204-1.13.1
libstdc++6-locale-12.3.0+git1204-1.13.1
libstdc++6-pp-12.3.0+git1204-1.13.1
libstdc++6-pp-32bit-12.3.0+git1204-1.13.1
libtsan2-12.3.0+git1204-1.13.1
libubsan1-12.3.0+git1204-1.13.1
libubsan1-32bit-12.3.0+git1204-1.13.1

Description

**DISPUTED** A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.


Affected products
Container suse/ltss/sle12.5/sles12sp5:latest:libgcc_s1-12.3.0+git1204-1.13.1
Container suse/ltss/sle12.5/sles12sp5:latest:libstdc++6-12.3.0+git1204-1.13.1
Container suse/sles12sp5:latest:libgcc_s1-12.3.0+git1204-1.13.1
Container suse/sles12sp5:latest:libstdc++6-12.3.0+git1204-1.13.1

References