Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
rosalinuxROSA LABROSA-SA-2024-2406
HistoryApr 23, 2024 - 12:04 p.m.

Advisory ROSA-SA-2024-2406

2024-04-2312:04:19
ROSA LAB
abf.rosalinux.ru
9
vulnerability
gcc 11.4.0
data protection
resolved
remote exploitation
confidentiality
integrity
availability
rosa-chrome

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

5.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

software: gcc 11.4.0
OS: ROSA-CHROME

package_evr_string: gcc-11.4.0-10

CVE-ID: CVE-2023-4039
BDU-ID: 2023-05920
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the stack protection feature of the GNU Compiler Collection (GCC) stack for various programming languages involves a breach of the data protection mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of protected information
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update gcc

OSVersionArchitecturePackageVersionFilename
ROSAanynoarchgcc< 11.4.0UNKNOWN

Related

ubuntucve 1
redhatcve 1
oraclelinux 3
openvas 25
nessus 29
debiancve 1
alpinelinux 1
cbl_mariner 1
cve 1
amazon 2
veracode 1
nvd 1
cgr 1
wolfi 1
prion 1
cvelist 1
ibm 3
oracle 1
ics 1
ubuntucve
ubuntucve
CVE-2023-4039
2023-09-12 00:00:00
redhatcve
redhatcve
CVE-2023-4039
2023-09-13 05:24:13
oraclelinux
oraclelinux
cross-gcc security update
2023-09-12 00:00:00
cross-gcc security update
2023-09-12 00:00:00
gcc security update
2023-09-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:4458-1)
2023-11-17 00:00:00
Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2023-3209)
2023-11-10 00:00:00
Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2023-3296)
2023-12-12 00:00:00
nessus
nessus
EulerOS 2.0 SP10 : gcc (EulerOS-SA-2023-3209)
2024-01-16 00:00:00
SUSE SLED15 / SLES15 Security Update : gcc7 (SUSE-SU-2023:3686-1)
2023-09-20 00:00:00
EulerOS Virtualization 2.10.0 : gcc (EulerOS-SA-2023-3469)
2024-01-16 00:00:00
debiancve
debiancve
CVE-2023-4039
2023-09-13 09:15:15
alpinelinux
alpinelinux
CVE-2023-4039
2023-09-13 09:15:15
cbl_mariner
cbl_mariner
CVE-2023-4039 affecting package gcc for versions less than 11.2.0-6
2023-09-27 18:02:50
cve
cve
CVE-2023-4039
2023-09-13 09:15:15
amazon
amazon
Medium: gcc
2023-09-08 19:46:00
Medium: gcc10
2023-09-08 19:46:00
veracode
veracode
Buffer Overflow
2023-11-30 18:34:15
nvd
nvd
CVE-2023-4039
2023-09-13 09:15:15
cgr
cgr
CVE-2023-4039 vulnerabilities
2024-05-19 03:07:16
wolfi
wolfi
CVE-2023-4039 vulnerabilities
2024-06-26 09:08:30
prion
prion
Design/Logic Flaw
2023-09-13 09:15:00
cvelist
cvelist
CVE-2023-4039 GCC's-fstack-protector fails to guard dynamically-sized local variables on AArch64
2023-09-13 08:05:10
ibm
ibm
Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data 4.8.1 has addressed security vulnerabilities
2023-12-26 21:30:04
Security Bulletin: Order Management is subject to various OS vulnerabilites which could have allowed attacker various entry points into application.
2024-04-12 17:49:20
Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities
2024-06-26 09:20:14
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

5.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON
Related for ROSA-SA-2024-2406
ubuntucve1redhatcve1oraclelinux3openvas25nessus29debiancve1alpinelinux1cbl_mariner1cve1amazon2veracode1nvd1cgr1wolfi1prion1cvelist1ibm3oracle1ics1