Gentoo FoundationMGASA-2014-0306Updated gcc packages fix security vulnerability and other bugs
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.026 Low
EPSS
Percentile
90.4%
Updated gcc packages fix the following security issue: Multiple integer overflow issues were found in libgfortran, the run-time support library for the Fortran compiler. These could possibly be used to crash a Fortran application or cause it to execute arbitrary code. (CVE-2014-5044) They also fix the following bugs: The gcc rtl-optimization sched2 miscompiles syscall sequence wich can cause random panic in glibc and kernel (gcc/PR61801) clang++ fails to find cxxabi.h and cxxabi_tweaks.h during build (mga#13543)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | gcc | < 4.7.2-8.2 | gcc-4.7.2-8.2.mga3 |
| Mageia | 4 | noarch | gcc | < 4.8.2-3.2 | gcc-4.8.2-3.2.mga4 |
References
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.026 Low
EPSS
Percentile
90.4%