173 matches found
RHSA-2025:1346 Red Hat Security Advisory: gcc security update
Bulletin has no description...
RHSA-2025:1308 Red Hat Security Advisory: gcc security update
Bulletin has no description...
Moderate: Red Hat Security Advisory: gcc-toolset-14-gcc security update
An update for gcc-toolset-14-gcc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
OESA-2025-1042 gcc security update
The gcc package contains the GNU Compiler Collection version 12. You'll need this package in order to compile C code. Security Fixes: DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in...
AZL-51681 CVE-2024-50383 affecting package botan2 2.14.0-2
Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 used in Chacha-Poly1305 and x25519. An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i38...
Malicious code in gcc-patch (npm)
--- -= Per source details. Do not edit below this line.=-...
SUSE CVE-2024-35917
In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpfplt pointer arithmetic Kui-Feng Lee reported a crash on s390x triggered by the dummystops/dummyinitptrarg test 1: 0x2 bpfstructopstestrun+0x156/0x250 sysbpf+0xa1a/0xd00 s390xsysbpf+0x44/0x50 dosyscall+0x244/0x300...
The vulnerability in the compilation of compilers for various programming languages in the GNU Compiler Collection (GCC) relates to the incorrect handling of the sum of a pointer and an integer. This vulnerability allows an attacker to trigger a service failure or cause other adverse effects.
The vulnerability in the compiler set for various programming languages in the GNU Compiler Collection GCC relates to the incorrect handling of the sum of a pointer and an integer, when the sum is greater than or equal to the pointer, without using transformations. This can lead to the...
kernel: Executable Space Protection Bypass
A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...
OESA-2023-1735 gcc security update
The gcc package contains the GNU Compiler Collection version 10. You'll need this package in order to compile C code. Security Fixes: A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-siz...
PT-2023-9765 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a format-overflow warning in the f2fs component of the Linux kernel. The warning occurs when using the gcc compiler with the W=1 option. The problem is in the...
The vulnerability of the stack protection function in the GNU Compiler Collection (GCC), various programming languages, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the stack protection function in the GNU Compiler Collection GCC for various programming languages is related to a violation of the data protection mechanism. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of t...
GCC's-fstack-protector fails to guard dynamically-sized local variables on AArch64
...
AZL-28769 CVE-2023-4039 affecting package gcc for versions less than 11.2.0-6
DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style...
GCC Security Vulnerabilities
GCC is a collection of GNU compilers. It is primarily used to compile the C and C++ languages. A security vulnerability exists in GCC, which stems from the presence of a buffer overflow that could lead to an uncontrolled loss of availability or further compromise confidentiality or integrity...
PT-2023-5294
Name of the Vulnerable Software and Affected Versions GCC versions prior to the fixed version Description A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in an...
Oracle Linux 8 : gcc (ELSA-2020-1864)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1864 advisory. - CVE-2018-12207 / Intel SKX102 OL8 gcc: Intel Mitigation for CVE: CVE-2018-12207 Tenable has extracted the preceding description block directly from the Oracle...
AZL-27123 CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...
UBUNTU-CVE-2023-29405
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...
kernel: Executable Space Protection Bypass
A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...