
SUSE: CVE-2023-4039: SUSE Linux Security Advisory

Severity: 6
CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published: 2023-09-13
Added: 2023-09-19
Modified: 2025-01-28

Description



**DISPUTED** A failure in the -fstack-protector feature in GCC-based toolchains
that target AArch64 allows an attacker to exploit an existing buffer
overflow in dynamically-sized local variables in your application
without this being detected. This stack-protector failure only applies
to C99-style dynamically-sized local variables or those created using
alloca(). The stack-protector operates as intended for statically-sized
local variables.

The default behavior when the stack-protector
detects an overflow is to terminate your application, resulting in
controlled loss of availability. An attacker who can exploit a buffer
overflow without triggering the stack-protector might be able to change
program flow control to cause an uncontrolled loss of availability or to
go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.
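
As an added illustration (not part of the advisory and not GCC or SUSE code), the C sketch below shows the three kinds of local buffer the description distinguishes, each guarded by an explicit bounds check so that memory safety does not rest on the stack-protector alone. The function names, `FIXED_CAP`, `DYN_MAX` and the sample bytes are assumptions made for the example.

```c
/* Added illustration, not from the advisory; function names are hypothetical.
 * Audit build: gcc -O2 -fstack-protector-strong -Wvla -Walloca -c example.c
 * (-Wvla and -Walloca report the two kinds of local the advisory names). */
#include <alloca.h>
#include <stddef.h>
#include <string.h>

#define FIXED_CAP 64
#define DYN_MAX 4096 /* assumed cap on dynamically-sized stack buffers */

const unsigned char sample_bytes[4] = {1, 2, 3, 4}; /* constructed input */

static int sum_bytes(const unsigned char *p, size_t n)
{
    int s = 0;
    for (size_t i = 0; i < n; i++)
        s += p[i];
    return s;
}

/* Statically-sized local: the stack-protector operates as intended here. */
int sum_fixed(const unsigned char *src, size_t n)
{
    unsigned char buf[FIXED_CAP];
    if (n > sizeof buf) return -1;
    memcpy(buf, src, n);
    return sum_bytes(buf, n);
}

/* C99 dynamically-sized local: the class the advisory covers. The size is
 * bounded before the array exists and is the only length used afterwards. */
int sum_vla(const unsigned char *src, size_t n)
{
    if (n == 0 || n > DYN_MAX) return -1;
    unsigned char buf[n];
    memcpy(buf, src, n);
    return sum_bytes(buf, n);
}

/* alloca(): the other covered class, bounded the same way. */
int sum_alloca(const unsigned char *src, size_t n)
{
    if (n == 0 || n > DYN_MAX) return -1;
    unsigned char *buf = alloca(n);
    memcpy(buf, src, n);
    return sum_bytes(buf, n);
}

int main(void) { return sum_vla(sample_bytes, 4) == sum_alloca(sample_bytes, 4) ? 0 : 1; }
```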

Solution(s)

suse-upgrade-cpp12
suse-upgrade-cpp13
suse-upgrade-cpp7
suse-upgrade-cross-aarch64-gcc12-bootstrap
suse-upgrade-cross-aarch64-gcc7
suse-upgrade-cross-aarch64-gcc7-icecream-backend
suse-upgrade-cross-arm-gcc12
suse-upgrade-cross-arm-gcc12-icecream-backend
suse-upgrade-cross-arm-gcc7
suse-upgrade-cross-arm-none-gcc12-bootstrap
suse-upgrade-cross-arm-none-gcc7-bootstrap
suse-upgrade-cross-avr-gcc12-bootstrap
suse-upgrade-cross-avr-gcc7-bootstrap
suse-upgrade-cross-epiphany-gcc12-bootstrap
suse-upgrade-cross-epiphany-gcc7-bootstrap
suse-upgrade-cross-hppa-gcc12
suse-upgrade-cross-hppa-gcc12-bootstrap
suse-upgrade-cross-hppa-gcc12-icecream-backend
suse-upgrade-cross-hppa-gcc7
suse-upgrade-cross-hppa-gcc7-icecream-backend
suse-upgrade-cross-i386-gcc7
suse-upgrade-cross-i386-gcc7-icecream-backend
suse-upgrade-cross-m68k-gcc12
suse-upgrade-cross-m68k-gcc12-icecream-backend
suse-upgrade-cross-m68k-gcc7
suse-upgrade-cross-m68k-gcc7-icecream-backend
suse-upgrade-cross-mips-gcc12
suse-upgrade-cross-mips-gcc12-icecream-backend
suse-upgrade-cross-mips-gcc7
suse-upgrade-cross-mips-gcc7-icecream-backend
suse-upgrade-cross-nvptx-gcc12
suse-upgrade-cross-nvptx-gcc13
suse-upgrade-cross-nvptx-gcc7
suse-upgrade-cross-nvptx-newlib12-devel
suse-upgrade-cross-nvptx-newlib13-devel
suse-upgrade-cross-nvptx-newlib7-devel
suse-upgrade-cross-ppc64-gcc12
suse-upgrade-cross-ppc64-gcc12-icecream-backend
suse-upgrade-cross-ppc64-gcc7
suse-upgrade-cross-ppc64-gcc7-icecream-backend
suse-upgrade-cross-ppc64le-gcc12
suse-upgrade-cross-ppc64le-gcc12-icecream-backend
suse-upgrade-cross-ppc64le-gcc7
suse-upgrade-cross-ppc64le-gcc7-icecream-backend
suse-upgrade-cross-riscv64-elf-gcc12-bootstrap
suse-upgrade-cross-riscv64-gcc12-bootstrap
suse-upgrade-cross-rx-gcc12-bootstrap
suse-upgrade-cross-rx-gcc7-bootstrap
suse-upgrade-cross-s390x-gcc12
suse-upgrade-cross-s390x-gcc12-icecream-backend
suse-upgrade-cross-s390x-gcc7
suse-upgrade-cross-s390x-gcc7-icecream-backend
suse-upgrade-cross-sparc-gcc12
suse-upgrade-cross-sparc-gcc7
suse-upgrade-cross-sparc64-gcc12
suse-upgrade-cross-sparc64-gcc12-icecream-backend
suse-upgrade-cross-sparc64-gcc7
suse-upgrade-cross-sparc64-gcc7-icecream-backend
suse-upgrade-cross-sparcv9-gcc12-icecream-backend
suse-upgrade-cross-sparcv9-gcc7-icecream-backend
suse-upgrade-cross-x86_64-gcc12
suse-upgrade-cross-x86_64-gcc12-icecream-backend
suse-upgrade-cross-x86_64-gcc7
suse-upgrade-cross-x86_64-gcc7-icecream-backend
suse-upgrade-gcc12
suse-upgrade-gcc12-32bit
suse-upgrade-gcc12-ada
suse-upgrade-gcc12-ada-32bit
suse-upgrade-gcc12-c
suse-upgrade-gcc12-c-32bit
suse-upgrade-gcc12-d
suse-upgrade-gcc12-d-32bit
suse-upgrade-gcc12-fortran
suse-upgrade-gcc12-fortran-32bit
suse-upgrade-gcc12-go
suse-upgrade-gcc12-go-32bit
suse-upgrade-gcc12-info
suse-upgrade-gcc12-locale
suse-upgrade-gcc12-obj-c
suse-upgrade-gcc12-obj-c-32bit
suse-upgrade-gcc12-objc
suse-upgrade-gcc12-objc-32bit
suse-upgrade-gcc12-pie
suse-upgrade-gcc12-testresults
suse-upgrade-gcc13
suse-upgrade-gcc13-32bit
suse-upgrade-gcc13-ada
suse-upgrade-gcc13-ada-32bit
suse-upgrade-gcc13-c
suse-upgrade-gcc13-c-32bit
suse-upgrade-gcc13-d
suse-upgrade-gcc13-d-32bit
suse-upgrade-gcc13-fortran
suse-upgrade-gcc13-fortran-32bit
suse-upgrade-gcc13-go
suse-upgrade-gcc13-go-32bit
suse-upgrade-gcc13-info
suse-upgrade-gcc13-locale
suse-upgrade-gcc13-m2
suse-upgrade-gcc13-m2-32bit
suse-upgrade-gcc13-obj-c
suse-upgrade-gcc13-obj-c-32bit
suse-upgrade-gcc13-objc
suse-upgrade-gcc13-objc-32bit
suse-upgrade-gcc13-pie
suse-upgrade-gcc7
suse-upgrade-gcc7-32bit
suse-upgrade-gcc7-ada
suse-upgrade-gcc7-ada-32bit
suse-upgrade-gcc7-c
suse-upgrade-gcc7-c-32bit
suse-upgrade-gcc7-fortran
suse-upgrade-gcc7-fortran-32bit
suse-upgrade-gcc7-go
suse-upgrade-gcc7-go-32bit
suse-upgrade-gcc7-info
suse-upgrade-gcc7-locale
suse-upgrade-gcc7-obj-c
suse-upgrade-gcc7-obj-c-32bit
suse-upgrade-gcc7-objc
suse-upgrade-gcc7-objc-32bit
suse-upgrade-gcc7-testresults
suse-upgrade-libada12
suse-upgrade-libada12-32bit
suse-upgrade-libada13
suse-upgrade-libada13-32bit
suse-upgrade-libada7
suse-upgrade-libada7-32bit
suse-upgrade-libasan4
suse-upgrade-libasan4-32bit
suse-upgrade-libasan8
suse-upgrade-libasan8-32bit
suse-upgrade-libatomic1
suse-upgrade-libatomic1-32bit
suse-upgrade-libatomic1-gcc7
suse-upgrade-libatomic1-gcc7-32bit
suse-upgrade-libcilkrts5
suse-upgrade-libcilkrts5-32bit
suse-upgrade-libgcc_s1
suse-upgrade-libgcc_s1-32bit
suse-upgrade-libgcc_s1-gcc7
suse-upgrade-libgcc_s1-gcc7-32bit
suse-upgrade-libgdruntime3
suse-upgrade-libgdruntime3-32bit
suse-upgrade-libgdruntime4
suse-upgrade-libgdruntime4-32bit
suse-upgrade-libgfortran4
suse-upgrade-libgfortran4-32bit
suse-upgrade-libgfortran5
suse-upgrade-libgfortran5-32bit
suse-upgrade-libgo11
suse-upgrade-libgo11-32bit
suse-upgrade-libgo21
suse-upgrade-libgo21-32bit
suse-upgrade-libgo22
suse-upgrade-libgo22-32bit
suse-upgrade-libgomp1
suse-upgrade-libgomp1-32bit
suse-upgrade-libgomp1-gcc7
suse-upgrade-libgomp1-gcc7-32bit
suse-upgrade-libgphobos3
suse-upgrade-libgphobos3-32bit
suse-upgrade-libgphobos4
suse-upgrade-libgphobos4-32bit
suse-upgrade-libhwasan0
suse-upgrade-libitm1
suse-upgrade-libitm1-32bit
suse-upgrade-libitm1-gcc7
suse-upgrade-libitm1-gcc7-32bit
suse-upgrade-liblsan0
suse-upgrade-liblsan0-gcc7
suse-upgrade-libm2cor18
suse-upgrade-libm2cor18-32bit
suse-upgrade-libm2iso18
suse-upgrade-libm2iso18-32bit
suse-upgrade-libm2log18
suse-upgrade-libm2log18-32bit
suse-upgrade-libm2min18
suse-upgrade-libm2min18-32bit
suse-upgrade-libm2pim18
suse-upgrade-libm2pim18-32bit
suse-upgrade-libmpx2-gcc7
suse-upgrade-libmpx2-gcc7-32bit
suse-upgrade-libmpxwrappers2-gcc7
suse-upgrade-libmpxwrappers2-gcc7-32bit
suse-upgrade-libobjc4
suse-upgrade-libobjc4-32bit
suse-upgrade-libobjc4-gcc7
suse-upgrade-libobjc4-gcc7-32bit
suse-upgrade-libquadmath0
suse-upgrade-libquadmath0-32bit
suse-upgrade-libquadmath0-gcc7
suse-upgrade-libquadmath0-gcc7-32bit
suse-upgrade-libstdc-6
suse-upgrade-libstdc-6-32bit
suse-upgrade-libstdc-6-devel-gcc12
suse-upgrade-libstdc-6-devel-gcc12-32bit
suse-upgrade-libstdc-6-devel-gcc13
suse-upgrade-libstdc-6-devel-gcc13-32bit
suse-upgrade-libstdc-6-devel-gcc7
suse-upgrade-libstdc-6-devel-gcc7-32bit
suse-upgrade-libstdc-6-gcc7
suse-upgrade-libstdc-6-gcc7-32bit
suse-upgrade-libstdc-6-gcc7-locale
suse-upgrade-libstdc-6-locale
suse-upgrade-libstdc-6-pp
suse-upgrade-libstdc-6-pp-32bit
suse-upgrade-libtsan0-gcc7
suse-upgrade-libtsan2
suse-upgrade-libubsan0
suse-upgrade-libubsan0-32bit
suse-upgrade-libubsan1
suse-upgrade-libubsan1-32bit