CVE-2023-4039 – GCC's-fstack-protector fails to guard dynamically-sized local variables on AArch64
https://notcve.org/view.php?id=CVE-2023-4039
**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself. • https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf • CWE-693: Protection Mechanism Failure •
CVE-2021-3826 – libiberty: Heap/stack buffer overflow in the dlang_lname function in d-demangle.c
https://notcve.org/view.php?id=CVE-2021-3826
Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol. Un desbordamiento del búfer de la pila en la función dlang_lname en el archivo d-demangle.c en libiberty permite a atacantes causar potencialmente una denegación de servicio (fallo de segmentación y caída) por medio de un símbolo mangled diseñado A vulnerability was found in Libiberty. A heap and stack buffer overflow found in the dlang_lname function in d-demangle.c leads to a denial of service. • https://gcc.gnu.org/git/?p=gcc.git%3Ba=commit%3Bh=5481040197402be6dfee265bd2ff5a4c88e30505 https://gcc.gnu.org/pipermail/gcc-patches/2021-September/579987 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4MYLS3VR4OPL5ECRWOR4ZHMGXUSCJFZY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ https://lists.fedo • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2022-27943
https://notcve.org/view.php?id=CVE-2022-27943
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. El archivo libiberty/rust-demangle.c en GNU GCC versión 11.2, permite un consumo de pila en demangle_const, como lo demuestra nm-new • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG https://sourceware.org/bugzilla/show_bug.cgi?id=28995 • CWE-674: Uncontrolled Recursion •
CVE-2021-46195 – gcc: uncontrolled recursion in libiberty/rust-demangle.c
https://notcve.org/view.php?id=CVE-2021-46195
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources. Se ha detectado que GCC versión v12.0, contiene una recursión no controlada por medio del componente libiberty/rust-demangle.c. Esta vulnerabilidad permite a atacantes causar una denegación de servicio (DoS) al consumir excesivos recursos de CPU y memoria A flaw was discovered in the GNU libiberty library within the demangle_path() function in rust-demangle.c, as distributed in the GNU Compiler Collection (GCC). This flaw allows a crafted symbol to cause stack memory to be exhausted, leading to a crash. • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103841 https://access.redhat.com/security/cve/CVE-2021-46195 https://bugzilla.redhat.com/show_bug.cgi?id=2046300 • CWE-674: Uncontrolled Recursion •
CVE-2021-37322
https://notcve.org/view.php?id=CVE-2021-37322
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. Se ha detectado que GCC c++filt versión v2.26 contiene una vulnerabilidad de uso de memoria previamente liberada por medio del componente cplus-dem.c. • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99188 • CWE-416: Use After Free •