52 matches found
Siemens SIMATIC and SCALANCE Protection Mechanism Failure (CVE-2023-4039)
A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style...
USN-7700-1 gcc-10, gcc-11, gcc-12 vulnerability
It was discovered that the -fstack-protector hardening feature in GCC for AArch64 did not properly protect dynamically-sized local variables such as those created using C99 variable length arrays or alloca. As a result, an attacker who was able to trigger a buffer overflow in such cases could...
Security Bulletin: Order Management is subject to various OS vulnerabilites which could have allowed attacker various entry points into application.
Summary Order Management has updated the container OS version and remediated to the point of code freeze. This bulletin identifies the steps to take to address the vulnerabilities by updating to the very latest OS version. Vulnerability Details CVEID:CVE-2022-2923 DESCRIPTION: Vim is vulnerable t...
Linux Distros Unpatched Vulnerability : CVE-2023-4039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in...
Azure Linux 3.0 Security Update: gcc (CVE-2023-4039)
The version of gcc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4039 advisory. - DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacke...
OESA-2025-1042 gcc security update
The gcc package contains the GNU Compiler Collection version 12. You'll need this package in order to compile C code. Security Fixes: DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in...
CVE-2023-4039 affecting package gcc for versions less than 13.2.0-7
CVE-2023-4039 affecting package gcc for versions less than 13.2.0-7. A patched version of the package is available...
RHEL 6 : gcc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gcc: Exploitable buffer overflow CVE-2016-2226 - Use-after-free vulnerability in libiberty allows remote...
EulerOS Virtualization 2.11.1 : gcc (EulerOS-SA-2024-1412)
According to the versions of the gcc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an...
EulerOS 2.0 SP8 : gcc (EulerOS-SA-2024-1265)
According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer...
openSUSE: Security Advisory for gcc13 (SUSE-SU-2023:4162-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for gcc13 (SUSE-SU-2023:4458-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:3661-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : gcc (EulerOS-SA-2024-1103)
According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in...
EulerOS Virtualization 2.9.0 : gcc (EulerOS-SA-2024-1007)
According to the versions of the gcc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing...
EulerOS 2.0 SP10 : gcc (EulerOS-SA-2023-3209)
According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in...
EulerOS 2.0 SP9 : gcc (EulerOS-SA-2023-3296)
According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in...
EulerOS Virtualization 2.10.1 : gcc (EulerOS-SA-2023-3497)
According to the versions of the gcc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing...
EulerOS 2.0 SP10 : gcc (EulerOS-SA-2023-3174)
According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in...
EulerOS Virtualization 2.9.1 : gcc (EulerOS-SA-2024-1033)
According to the versions of the gcc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing...