173 matches found
DEBIAN-CVE-2019-15847
The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...
ALPINE-CVE-2019-15847
The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...
UBUNTU-CVE-2019-15847
The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...
CVE-2019-15847
CVE-2019-15847 affects the POWER9 backend of GCC, where the compiler could coalesce multiple __builtin_darn() calls into one due to an unspecified volatile operation, reducing random-number entropy. The GCC GLSA/Advisory notes that this issue stems from flawed code generation and can cause repeat...
CVE-2019-15847
The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...
EulerOS 2.0 SP8 : gcc (EulerOS-SA-2019-1825)
According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The gcc package contains the GNU Compiler Collection version 4.8.You'll need this package in order to compile C code. - Security fixes: -...
CVE-2018-12886
stackprotectprologue in cfgexpand.c and stackprotectepilogue in function.c in GNU Compiler Collection GCC 4.1 through 8 under certain circumstances generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the...
CVE-2018-12886
stackprotectprologue in cfgexpand.c and stackprotectepilogue in function.c in GNU Compiler Collection GCC 4.1 through 8 under certain circumstances generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the...
UBUNTU-CVE-2018-12886
stackprotectprologue in cfgexpand.c and stackprotectepilogue in function.c in GNU Compiler Collection GCC 4.1 through 8 under certain circumstances generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the...
CVE-2018-12886
CVE-2018-12886: In GCC 4.1–8, on ARM targets, stack_protect_prologue/epilogue may spill the stack-protector guard address, enabling an attacker to bypass -fstack-protector families by controlling what the canary is compared against. Impact is stack overflow protection bypass; no exploitation deta...
GNU Compiler Collection Security Bypass Vulnerability
The GNU Compiler Collection GCC is an open source compiler for programming languages from the GNU Project. A security vulnerability exists in GNU GCC versions 4.1 through 8. An attacker could exploit the vulnerability to bypass security protections...
CentOS Update for kernel CESA-2019:0415 centos6
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
EulerOS Virtualization 2.5.0 : gcc (EulerOS-SA-2018-1331)
According to the versions of the gcc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The gcc package contains the GNU Compiler Collection version 4.8.You'll need this package in order to compile C code. - Security...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Security Bulletin: IBM QRadar Network Security is affected by a GNU Compiler Collection (GCC) vulnerability
Summary IBM QRadar Network Security has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-11671 DESCRIPTION: GNU Compiler Collection GCC could provide weaker than expected security, caused by a flaw in the ix86expandbuiltin function in i386.c. A remote attacker could...
Security Bulletin: A vulnerability in gcc affects PowerKVM
Summary PowerKVM is affected by a vulnerability in the GNU Compiler Collection GCC. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2017-11671 DESCRIPTION: GNU Compiler Collection GCC could provide weaker than expected security, caused by a flaw in the ix86expandbuiltin...
EulerOS 2.0 SP3 : gcc (EulerOS-SA-2018-1174)
According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The gcc package contains the GNU Compiler Collection version 4.8.You'll need this package in order to compile C code. - Security fixes: - Under...
DEBIAN-CVE-2018-11319
Syntastic aka vim-syntastic through 3.9.0 does not properly handle searches for configuration files it searches the current directory up to potentially the root. This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a...
Moderate: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
EulerOS 2.0 SP2 : gcc (EulerOS-SA-2018-1116)
According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The gcc package contains the GNU Compiler Collection version 4.8.You'll need this package in order to compile C code. - Security fixes: - Under...