Siemens SCALANCE, SIMATIC S7-1500 Generation of Error Message Containing Sensitive Information (CVE-2018-12886)

stackprotectprologue in cfgexpand.c and stackprotectepilogue in function.c in GNU Compiler Collection GCC 4.1 through 8 under certain circumstances generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the...

CVE-2021-47631

In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850-evm: Avoid NULL pointer dereference With newer versions of GCC, there is a panic in da850evmconfigemac when booting multiv5defconfig in QEMU under the palmetto-bmc machine: Unable to handle kernel NULL pointer...

CVE-2021-47631

In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850-evm: Avoid NULL pointer dereference With newer versions of GCC, there is a panic in da850evmconfigemac when booting multiv5defconfig in QEMU under the palmetto-bmc machine: Unable to handle kernel NULL pointer...

SUSE CVE-2024-50383

Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 used in Chacha-Poly1305 and x25519. An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i38...

CVE-2024-50383

Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 used in Chacha-Poly1305 and x25519. An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i38...

gcc security update

gcc el8 8.5.0-18.0.5 - CVE-2023-4039 GCC mitigation. Orabug 35751743. Includes removal of aarch64-preserve-args.patch. - CVE-2022-40982 'Intel Downfall' mitigation. Orabug 35751810. Add two patches originally from GCC upstream releases/gcc-11 branch. with major adjustment...

SUSE CVE-2006-3619

Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC 4.1.1 and earlier, and 3.4.6 and earlier, allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filenames with "../" sequences...

SUSE CVE-2008-1685

gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against integer overflow and buffer...

Analysis of the EQGRP leakage

As you know, yesterday TheShadowBrokers group released EQGRP archive with some interesting data inside. As they mentioned, it’s a NSA leakage with a lot of “cyberweapon”. I analysed this data yesterday to find the answers to following questions: 1. When did the leak occur? 2. Who were the targets...

FreeBSD : Cyrus IMAPd -- APPEND command uses undefined programming construct (31952117-3d17-11d9-8818-008088034841)

To support MULTIAPPENDS the cmdappend handler uses the global stage array. This array is one of the things that gets destructed when the fatal function is triggered. When the Cyrus IMAP code adds new entries to this array this is done with the help of the postfix increment operator in combination...