vulnerability
Huawei EulerOS: CVE-2018-12886: gcc security update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | May 22, 2019 | Aug 28, 2019 | Aug 28, 2019 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
May 22, 2019
Added
Aug 28, 2019
Modified
Aug 28, 2019
Description
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.
Solution(s)
huawei-euleros-2_0_sp8-upgrade-cpphuawei-euleros-2_0_sp8-upgrade-gcchuawei-euleros-2_0_sp8-upgrade-gcc-c++huawei-euleros-2_0_sp8-upgrade-gcc-gfortranhuawei-euleros-2_0_sp8-upgrade-gcc-objchuawei-euleros-2_0_sp8-upgrade-gcc-objc++huawei-euleros-2_0_sp8-upgrade-libasanhuawei-euleros-2_0_sp8-upgrade-libatomichuawei-euleros-2_0_sp8-upgrade-libatomic-statichuawei-euleros-2_0_sp8-upgrade-libgcchuawei-euleros-2_0_sp8-upgrade-libgfortranhuawei-euleros-2_0_sp8-upgrade-libgomphuawei-euleros-2_0_sp8-upgrade-libitmhuawei-euleros-2_0_sp8-upgrade-libitm-develhuawei-euleros-2_0_sp8-upgrade-libobjchuawei-euleros-2_0_sp8-upgrade-libstdc++huawei-euleros-2_0_sp8-upgrade-libstdc++-devel

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.