CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-4039 – GCC's-fstack-protector fails to guard dynamically-sized local variables on AArch64
https://notcve.org/view.php?id=CVE-2023-4039
13 Sep 2023 — **DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is... • https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 • CWE-693: Protection Mechanism Failure •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-37322
https://notcve.org/view.php?id=CVE-2021-37322
18 Nov 2021 — GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. Se ha detectado que GCC c++filt versión v2.26 contiene una vulnerabilidad de uso de memoria previamente liberada por medio del componente cplus-dem.c. • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99188 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2002-2439
https://notcve.org/view.php?id=CVE-2002-2439
23 Oct 2019 — Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts. Un desbordamiento de enteros en el operador new[] en gcc versiones anteriores a 4.8.0, permite a atacantes tener impactos no especificados. • https://access.redhat.com/security/cve/cve-2002-2439 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15847 – gcc: POWER9 "DARN" RNG intrinsic produces repeated output
https://notcve.org/view.php?id=CVE-2019-15847
02 Sep 2019 — The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same. El backend POWER9 en GNU Compiler Collection (GCC) en versiones anteriores a la 10 podría optimizar múltiples llamadas de __buil... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html • CWE-331: Insufficient Entropy •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-12886
https://notcve.org/view.php?id=CVE-2018-12886
22 May 2019 — stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against. stack_protec... • https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.6EPSS: 0%CPEs: 13EXPL: 0CVE-2017-11671 – gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics
https://notcve.org/view.php?id=CVE-2017-11671
26 Jul 2017 — Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation. Bajo ciertas circunstancias, la función ix86_expand_builtin en el archivo i386.... • http://openwall.com/lists/oss-security/2017/07/27/2 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5276
https://notcve.org/view.php?id=CVE-2015-5276
17 Nov 2015 — The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors. La clase std::random_device en libstdc++ en el GNU Compiler Collection (también conocido como GCC) en versiones anteriores a 4.9.4 no maneja adecuadamente lecturas cortas desde fuentes bloqueadas, lo que hace mas fácil para atacantes dependientes d... • http://lists.opensuse.org/opensuse-updates/2015-11/msg00054.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2013-4598
https://notcve.org/view.php?id=CVE-2013-4598
27 May 2014 — The Groups, Communities and Co (GCC) module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permission, which allows remote attackers to access the configuration pages via unspecified vectors. El módulo Groups, Communities And Co (GCC) 7.x-1.x anterior a 7.x-1.1 para Drupal no comprueba debidamente permiso, lo que permite a atacantes remotos acceder a las páginas de configuración a través de vectores no especificados. • http://secunia.com/advisories/55651 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2008-1685
https://notcve.org/view.php?id=CVE-2008-1685
06 Apr 2008 — gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against integer overflow and buffer overflow attacks, and provide no diagnostic message about this removal. NOTE: the vendor has determined that this compiler behavior is correct according to section 6.5.6 of the C99 standard (aka ISO/IEC 9899:1999) ** D... • http://gcc.gnu.org/bugzilla/show_bug.cgi?id=26763 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 9.1EPSS: 3%CPEs: 1EXPL: 1CVE-2008-1367 – Kernel doesn't clear DF for signal handlers
https://notcve.org/view.php?id=CVE-2008-1367
17 Mar 2008 — gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL. gcc 4.3.x no genera una instrucción... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469058 • CWE-399: Resource Management Errors •