Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2023:3662-1 Important: Gcc7 Stack Protector Security Update

suse
Calendar Grey February 27, 2024
Dist Suse Esm H88
A significant gcc7 security patch for Fedora introduces numerous corrections, tackling various vulnerabilities, and improving overall system integrity.
* bsc#1071995 * bsc#1084842 * bsc#1114592 * bsc#1124644 * bsc#1128794

Summary

## This update for gcc7 fixes the following issues: Security issues fixed: * CVE-2023-4039: Fixed incorrect stack protector for C99 VLAs on Aarch64 (bsc#1214052). * CVE-2019-15847: Fixed POWER9 DARN miscompilation. (bsc#1149145) * CVE-2019-14250: Includes fix for LTO linker plugin heap overflow. (bsc#1142649) Update to GCC 7.5.0 release. Other changes: * Fixed KASAN kernel compile. (bsc#1205145) * Fixed ICE with C++17 code. (bsc#1204505) * Fixed altivec.h redefining bool in C++ which makes bool unusable (bsc#1195517): * Adjust gnats idea of the target, fixing the build of gprbuild. [bsc#1196861] * Do not handle exceptions in std::thread (jsc#CAR-1182) * add -fpatchable-function-entry feature to gcc-7. * Fixed glibc namespace violation with getauxval. (bsc#1167939)

Topics%20covered

Topics Covered

security advisory SUSE important fix gcc7 stack protector

References

* bsc#1071995

* bsc#1084842

* bsc#1114592

* bsc#1124644

* bsc#1128794

* bsc#1129389

* bsc#1131264

* bsc#1141897

* bsc#1142649

* bsc#1146475

* bsc#1148517

* bsc#1149145

* bsc#1150164

* bsc#1160086

* bsc#1161913

* bsc#1167939

* bsc#1172798

* bsc#1178577

* bsc#1178614

* bsc#1178624

* bsc#1178675

* bsc#1181618

* bsc#1195517

* bsc#1196861

* bsc#1204505

* bsc#1205145

* bsc#1214052

* jsc#SLE-12209

* jsc#SLE-6738

Cross-

* CVE-2019-14250

* CVE-2019-15847

* CVE-2020-13844

* CVE-2023-4039

CVSS scores:

* CVE-2019-14250 ( SUSE ): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

* CVE-2019-14250 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2019-14250 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:3662-1
Rating: important

Topics%20covered

Topics Covered

security advisory SUSE important fix gcc7 stack protector

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here