Описание
Security update for gcc7
This update for gcc7 fixes the following issues:
Security issues fixed:
- CVE-2023-4039: Fixed incorrect stack protector for C99 VLAs on Aarch64 (bsc#1214052).
- CVE-2019-15847: Fixed POWER9 DARN miscompilation. (bsc#1149145)
- CVE-2019-14250: Includes fix for LTO linker plugin heap overflow. (bsc#1142649)
Update to GCC 7.5.0 release.
Other changes:
- Fixed KASAN kernel compile. (bsc#1205145)
- Fixed ICE with C++17 code. (bsc#1204505)
- Fixed altivec.h redefining bool in C++ which makes bool unusable (bsc#1195517):
- Adjust gnats idea of the target, fixing the build of gprbuild. [bsc#1196861]
- Do not handle exceptions in std::thread (jsc#CAR-1182)
- add -fpatchable-function-entry feature to gcc-7.
- Fixed glibc namespace violation with getauxval. (bsc#1167939)
- Backport aarch64 Straight Line Speculation mitigation [bsc#1172798, CVE-2020-13844]
- Enable fortran for the nvptx offload compiler.
- Update README.First-for.SuSE.packagers
- Avoid assembler errors with AVX512 gather and scatter instructions when using -masm=intel.
- Backport the aarch64 -moutline-atomics feature and accumulated fixes but not its default enabling. (jsc#SLE-12209, bsc#1167939)
- Fixed memcpy miscompilation on aarch64. (bsc#1178624, bsc#1178577)
- Fixed debug line info for try/catch. (bsc#1178614)
- Fixed corruption of pass private ->aux via DF. (gcc#94148)
- Fixed debug information issue with inlined functions and passed by reference arguments. [gcc#93888]
- Fixed register allocation issue with exception handling code on s390x. (bsc#1161913)
- Backport PR target/92692 to fix miscompilation of some atomic code on aarch64. (bsc#1150164)
- Fixed miscompilation in vectorized code for s390x. (bsc#1160086) [gcc#92950]
- Fixed miscompilation with thread-safe local static initialization. [gcc#85887]
- Fixed debug info created for array definitions that complete an earlier declaration. [bsc#1146475]
- Fixed vector shift miscompilation on s390. (bsc#1141897)
- Add gcc7 -flive-patching patch. [bsc#1071995, fate#323487]
- Strip -flto from $optflags.
- Disables switch jump-tables when retpolines are used. (bsc#1131264, jsc#SLE-6738)
- Fixed ICE compiling tensorflow on aarch64. (bsc#1129389)
- Fixed for aarch64 FMA steering pass use-after-free. (bsc#1128794)
- Fixed ICE compiling tensorflow. (bsc#1129389)
- Fixed s390x FP load-and-test issue. (bsc#1124644)
- Adjust gnat manual entries in the info directory. (bsc#1114592)
- Fixed to no longer try linking -lieee with -mieee-fp. (bsc#1084842)
Список пакетов
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
SUSE Linux Enterprise Module for Toolchain 12
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
Ссылки
- Link for SUSE-SU-2023:3662-1
- E-Mail link for SUSE-SU-2023:3662-1
- SUSE Security Ratings
- SUSE Bug 1071995
- SUSE Bug 1084842
- SUSE Bug 1114592
- SUSE Bug 1124644
- SUSE Bug 1128794
- SUSE Bug 1129389
- SUSE Bug 1131264
- SUSE Bug 1141897
- SUSE Bug 1142649
- SUSE Bug 1146475
- SUSE Bug 1148517
- SUSE Bug 1149145
- SUSE Bug 1150164
- SUSE Bug 1160086
- SUSE Bug 1161913
- SUSE Bug 1167939
- SUSE Bug 1172798
Описание
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.
Затронутые продукты
Ссылки
- CVE-2019-14250
- SUSE Bug 1142649
Описание
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.
Затронутые продукты
Ссылки
- CVE-2019-15847
- SUSE Bug 1149145
Описание
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."
Затронутые продукты
Ссылки
- CVE-2020-13844
- SUSE Bug 1172798
Описание
** DISPUTED ** **DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.
Затронутые продукты
Ссылки
- CVE-2023-4039
- SUSE Bug 1214052
- SUSE Bug 1228298