173 matches found
The vulnerabilities of the `stack_protect_prologue` and `stack_protect_epilogue` functions in the GNU Compiler Collection (GCC) for various programming languages allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerabilities of functions stackprotectprologue cfgexpand.c and stackprotectepilogue function.c are related to information leakage in error messages. Exploiting these vulnerabilities can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
SUSE CVE-2002-2439
Integer overflow in the new operator in gcc before 4.8.0 allows attackers to have unspecified impacts...
SUSE CVE-2008-1367
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...
SUSE CVE-2015-5276
The std::randomdevice class in libstdc++ in the GNU Compiler Collection aka GCC before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors...
SUSE CVE-2017-11671
Under certain circumstances, the ix86expandbuiltin function in i386.c in GNU Compiler Collection GCC version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially...
SUSE CVE-2018-12886
stackprotectprologue in cfgexpand.c and stackprotectepilogue in function.c in GNU Compiler Collection GCC 4.1 through 8 under certain circumstances generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the...
SUSE CVE-2019-15847
The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...
SUSE CVE-2021-37322
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c...
SUSE CVE-2022-27943
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangleconst, as demonstrated by nm-new...
USN-5770-1: GCC vulnerability
Todd Eisenberger discovered that certain versions of GNU Compiler Collection GCC could be made to clobber the status flag of RDRAND and RDSEED with specially crafted input. This could potentially lead to less randomness in random number generation...
USN-5770-1 gcc-5, gccgo-6 vulnerability
Todd Eisenberger discovered that certain versions of GNU Compiler Collection GCC could be made to clobber the status flag of RDRAND and RDSEED with specially crafted input. This could potentially lead to less randomness in random number generation...
Ubuntu 16.04 ESM : GCC vulnerability (USN-5770-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5770-1 advisory. Todd Eisenberger discovered that certain versions of GNU Compiler Collection GCC could be made to clobber the status flag of RDRAND and RDSEED with specially...
gcc: uncontrolled recursion in libiberty/rust-demangle.c
A flaw was discovered in the GNU libiberty library within the demanglepath function in rust-demangle.c, as distributed in the GNU Compiler Collection GCC. This flaw allows a crafted symbol to cause stack memory to be exhausted, leading to a crash...
Gcc 安全漏洞
GCC is a collection of GNU compilers. It is mainly used to compile the C and C++ languages. A security vulnerability exists in Gcc. An attacker has exploited this vulnerability to cause g++ to crash during compilation via a specially crafted input source file...
PT-2022-8940 · Gnu · Gcc
Name of the Vulnerable Software and Affected Versions: gcc affected versions not specified Description: A crafted input source file could cause g++ to crash during compilation when provided certain optimization flags. The issue is related to the ipcp store vr results function in gcc/ipa-cp.c...
GCC 安全漏洞
GCC is a collection of GNU compilers. It is primarily used to compile the C and C++ languages. A security vulnerability exists in GCC, which stems from an internal compiler error in the matchreload function in lra-constraints.c that causes the input file to crash...
NewStart CGSL CORE 5.04 / MAIN 5.04 : gcc Multiple Vulnerabilities (NS-SA-2022-0019)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gcc packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service Fortran application crash...
GNU GCC 资源管理错误漏洞
Gcc is a collection of Gnu compilers. It is mainly used to compile the C and C++ languages. A security vulnerability exists in GNU GCC 11.2, which stems from a stack overflow in nm-new that can be triggered by an attacker via a crafted elf file...
Fedora: Security Advisory for gcc (FEDORA-2022-42ea499a7d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: gcc-12.0.1-0.12.fc36
The gcc package contains the GNU Compiler Collection version 12. You'll need this package in order to compile C code...