173 matches found
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...
gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics
Under certain circumstances, the ix86expandbuiltin function in i386.c in GNU Compiler Collection GCC version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially...
libgfortran Integer Overflow Vulnerability
libgfortran is a Fortran compilation library developed for GCC GNU Compiler Collection. An integer overflow vulnerability exists in libgfortran. A remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service Fortran application crash...
[SECURITY] Fedora 25 Update: gcc-6.4.1-1.fc25
The gcc package contains the GNU Compiler Collection version 6. You'll need this package in order to compile C code...
GNU GCC Insecure Random Number Generator Vulnerability
GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. An insecure random number generator vulnerability exists in GNU GCC. An attacker could exploit the vulnerability to gain access to perform certain unauthorized operations...
CVE-2017-11671
Under certain circumstances, the ix86expandbuiltin function in i386.c in GNU Compiler Collection GCC version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially...
UBUNTU-CVE-2017-11671
Under certain circumstances, the ix86expandbuiltin function in i386.c in GNU Compiler Collection GCC version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially...
CVE-2017-11671
CVE-2017-11671 affects GCC: the ix86_expand_builtin path in i386.c can generate RDRAND/RDSEED instruction sequences that clobber the status flag before being read, potentially causing reduced randomness. Documented in GCC bug reports and affected across GCC 4.6–4.9, 5 before 5.5, and 6 before 6.4...
UBUNTU-CVE-2016-4973
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection SSP might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature...
CVE-2016-7042
The prockeysshow function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection gcc stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service stack memory corruption and panic by...
DEBIAN-CVE-2016-7042
The prockeysshow function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection gcc stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service stack memory corruption and panic by...
Memory corruption
The prockeysshow function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection gcc stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service stack memory corruption and panic by...
CVE-2016-7042
The prockeysshow function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection gcc stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service stack memory corruption and panic by...
GNU gcc Local Security Bypass Vulnerability
GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. A local security bypass vulnerability exists in GNU gcc, which can be exploited by attackers to bypass security restrictions and perform unauthorized operations...
GNU gcc Stack Buffer Overflow Vulnerability
GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. A stack buffer overflow vulnerability exists in the libiberty demangler library of GNU gcc. An attacker could exploit this vulnerability to crash the host application, causing stack...
GNU gcc Integer Overflow Vulnerability
GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. An integer overflow vulnerability exists in GNU gcc, which stems from inconsistent use of the long and int types for string/array lengths in the cp-demangle.c file. An attacker can...
GNU gcc memory misreference vulnerability (CNVD-2016-03093)
GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. A memory misreference vulnerability exists in GNU gcc. An attacker can exploit the vulnerability to cause invalid writes with the help of the 'btypevec' parameter...
GNU gcc Denial of Service Vulnerability
GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. A security vulnerability exists in the libiberty demangler library of GNU gcc. An attacker could exploit the vulnerability to read array index values in mangled strings, crashing the...
GNU gcc integer overflow vulnerability (CNVD-2016-03094)
GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. An integer overflow vulnerability exists in the 'gnuspecial' method of GNU gcc. An attacker could exploit this vulnerability to cause an invalid write...
GNU gcc integer overflow vulnerability (CNVD-2016-03095)
GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. An integer overflow vulnerability exists in GNU gcc, which arises from a program's failure to properly handle data of type signed int. An attacker could exploit this vulnerability to...