CVE-2025-39704

CVE-2025-39704 relates to a Linux kernel issue for LoongArch KVM where send_ipi_data() may trigger a stack-protector based panic if kvm_io_bus_read() writes an 8-byte value regardless of the declared length. The root cause is a buffer handling mismatch in certain emulation paths (e.g., loongarch_...

CVE-2025-39704 LoongArch: KVM: Fix stack protector issue in send_ipi_data()

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...

CVE-2025-39704 LoongArch: KVM: Fix stack protector issue in send_ipi_data()

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...

Linux Distros Unpatched Vulnerability : CVE-2018-12886

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stackprotectprologue in cfgexpand.c and stackprotectepilogue in function.c in GNU Compiler Collection GCC 4.1 through 8 under certain circumstances generate...

Ubuntu: Security Advisory (USN-7700-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7700-1 gcc-10, gcc-11, gcc-12 vulnerability

It was discovered that the -fstack-protector hardening feature in GCC for AArch64 did not properly protect dynamically-sized local variables such as those created using C99 variable length arrays or alloca. As a result, an attacker who was able to trigger a buffer overflow in such cases could...

USN-7700-1: GCC vulnerability

It was discovered that the -fstack-protector hardening feature in GCC for AArch64 did not properly protect dynamically-sized local variables such as those created using C99 variable length arrays or alloca. As a result, an attacker who was able to trigger a buffer overflow in such cases could...

TencentOS Server 4: gcc (TSSA-2025:0132)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0132 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Linux Distros Unpatched Vulnerability : CVE-2023-4039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in...

OESA-2025-1042 gcc security update

The gcc package contains the GNU Compiler Collection version 12. You'll need this package in order to compile C code. Security Fixes: DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in...

CVE-2024-42301

In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...

EulerOS Virtualization 3.0.6.0 : gcc (EulerOS-SA-2024-1680)

According to the versions of the gcc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an...

EulerOS Virtualization 2.11.1 : gcc (EulerOS-SA-2024-1412)

According to the versions of the gcc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an...

Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2024-1412)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2024-1265)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : gcc (EulerOS-SA-2024-1265)

According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer...

openSUSE: Security Advisory for gcc12 (SUSE-SU-2023:3661-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-26586 mlxsw: spectrum_acl_tcam: Fix stack corruption

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the device. The group contains a list of ACLs. In turn, each ACL points to a...

CVE-2024-26586 mlxsw: spectrum_acl_tcam: Fix stack corruption

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the device. The group contains a list of ACLs. In turn, each ACL points to a...

CVE-2024-26586

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the device. The group contains a list of ACLs. In turn, each ACL points to a...