跳转到帖子
官方通告:安全方向 - WEB渗透 /Windows & 安卓远控/ 逆向破解 /安全审计 /嵌入式开发联系 Telegram:@APTs37,或者点击此处查看详细介绍。收SHELL、出SHELL。劫持合作。

Oracle Linux: CVE-2023-4039: ELSA-2023-28766: cross-gcc security update (LOW) (Multiple Advisories)

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

Oracle Linux: CVE-2023-4039: ELSA-2023-28766:cross-gcc security update (LOW) (Multiple Advisories)

Severity
1
CVSS
(AV:N/AC:H/Au:N/C:N/I:N/A:N)
Published
09/12/2023
Created
09/14/2023
Added
09/13/2023
Modified
01/07/2025

Description

**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself. A vulnerability was found in GCC. The GCC's stack protection feature, enabled with the flag -fstack-protector, aims to detect buffer overflows in C/C++ function local variables that might allow an attacker to overwrite saved registers on the stack. If an attacker can modify saved register values, it may be possible for them to subvert program flow control. The feature operates by placing a canary value between local variables and saved registers on the stack on function entry and triggers an error handler on function exit if the canary value has been unexpectedly modified. When targeting AArch64, this feature did not protect the saved registers from overflows in C99-style dynamically-sized local variables and alloca() objects. Other local variables, including statically-sized local arrays, are not affected because of their different placement on the stack relative to saved registers.

Solution(s)

  • oracle-linux-upgrade-cpp
  • oracle-linux-upgrade-cross-gcc-common
  • oracle-linux-upgrade-gcc
  • oracle-linux-upgrade-gcc-aarch64-linux-gnu
  • oracle-linux-upgrade-gcc-alpha-linux-gnu
  • oracle-linux-upgrade-gcc-arc-linux-gnu
  • oracle-linux-upgrade-gcc-arm-linux-gnu
  • oracle-linux-upgrade-gcc-avr32-linux-gnu
  • oracle-linux-upgrade-gcc-bfin-linux-gnu
  • oracle-linux-upgrade-gcc-bpf-unknown-none
  • oracle-linux-upgrade-gcc-c
  • oracle-linux-upgrade-gcc-c6x-linux-gnu
  • oracle-linux-upgrade-gcc-c-aarch64-linux-gnu
  • oracle-linux-upgrade-gcc-c-alpha-linux-gnu
  • oracle-linux-upgrade-gcc-c-arc-linux-gnu
  • oracle-linux-upgrade-gcc-c-arm-linux-gnu
  • oracle-linux-upgrade-gcc-c-avr32-linux-gnu
  • oracle-linux-upgrade-gcc-c-bfin-linux-gnu
  • oracle-linux-upgrade-gcc-c-bpf-unknown-none
  • oracle-linux-upgrade-gcc-c-c6x-linux-gnu
  • oracle-linux-upgrade-gcc-c-frv-linux-gnu
  • oracle-linux-upgrade-gcc-c-h8300-linux-gnu
  • oracle-linux-upgrade-gcc-c-hppa64-linux-gnu
  • oracle-linux-upgrade-gcc-c-hppa-linux-gnu
  • oracle-linux-upgrade-gcc-c-ia64-linux-gnu
  • oracle-linux-upgrade-gcc-c-m68k-linux-gnu
  • oracle-linux-upgrade-gcc-c-microblaze-linux-gnu
  • oracle-linux-upgrade-gcc-c-mips64-linux-gnu
  • oracle-linux-upgrade-gcc-c-mn10300-linux-gnu
  • oracle-linux-upgrade-gcc-c-nios2-linux-gnu
  • oracle-linux-upgrade-gcc-c-openrisc-linux-gnu
  • oracle-linux-upgrade-gcc-c-powerpc64le-linux-gnu
  • oracle-linux-upgrade-gcc-c-powerpc64-linux-gnu
  • oracle-linux-upgrade-gcc-c-ppc64le-linux-gnu
  • oracle-linux-upgrade-gcc-c-ppc64-linux-gnu
  • oracle-linux-upgrade-gcc-c-riscv64-linux-gnu
  • oracle-linux-upgrade-gcc-c-s390x-linux-gnu
  • oracle-linux-upgrade-gcc-c-sparc64-linux-gnu
  • oracle-linux-upgrade-gcc-c-tile-linux-gnu
  • oracle-linux-upgrade-gcc-c-x86-64-linux-gnu
  • oracle-linux-upgrade-gcc-c-xtensa-linux-gnu
  • oracle-linux-upgrade-gcc-frv-linux-gnu
  • oracle-linux-upgrade-gcc-gdb-plugin
  • oracle-linux-upgrade-gcc-gfortran
  • oracle-linux-upgrade-gcc-h8300-linux-gnu
  • oracle-linux-upgrade-gcc-hppa64-linux-gnu
  • oracle-linux-upgrade-gcc-hppa-linux-gnu
  • oracle-linux-upgrade-gcc-ia64-linux-gnu
  • oracle-linux-upgrade-gcc-m68k-linux-gnu
  • oracle-linux-upgrade-gcc-microblaze-linux-gnu
  • oracle-linux-upgrade-gcc-mips64-linux-gnu
  • oracle-linux-upgrade-gcc-mn10300-linux-gnu
  • oracle-linux-upgrade-gcc-nios2-linux-gnu
  • oracle-linux-upgrade-gcc-offload-nvptx
  • oracle-linux-upgrade-gcc-openrisc-linux-gnu
  • oracle-linux-upgrade-gcc-plugin-annobin
  • oracle-linux-upgrade-gcc-plugin-devel
  • oracle-linux-upgrade-gcc-powerpc64le-linux-gnu
  • oracle-linux-upgrade-gcc-powerpc64-linux-gnu
  • oracle-linux-upgrade-gcc-ppc64le-linux-gnu
  • oracle-linux-upgrade-gcc-ppc64-linux-gnu
  • oracle-linux-upgrade-gcc-riscv64-linux-gnu
  • oracle-linux-upgrade-gcc-s390x-linux-gnu
  • oracle-linux-upgrade-gcc-sparc64-linux-gnu
  • oracle-linux-upgrade-gcc-tile-linux-gnu
  • oracle-linux-upgrade-gcc-toolset-11-gcc
  • oracle-linux-upgrade-gcc-toolset-11-gcc-c
  • oracle-linux-upgrade-gcc-toolset-11-gcc-gdb-plugin
  • oracle-linux-upgrade-gcc-toolset-11-gcc-gfortran
  • oracle-linux-upgrade-gcc-toolset-11-gcc-plugin-devel
  • oracle-linux-upgrade-gcc-toolset-11-libasan-devel
  • oracle-linux-upgrade-gcc-toolset-11-libatomic-devel
  • oracle-linux-upgrade-gcc-toolset-11-libgccjit
  • oracle-linux-upgrade-gcc-toolset-11-libgccjit-devel
  • oracle-linux-upgrade-gcc-toolset-11-libgccjit-docs
  • oracle-linux-upgrade-gcc-toolset-11-libitm-devel
  • oracle-linux-upgrade-gcc-toolset-11-liblsan-devel
  • oracle-linux-upgrade-gcc-toolset-11-libquadmath-devel
  • oracle-linux-upgrade-gcc-toolset-11-libstdc-devel
  • oracle-linux-upgrade-gcc-toolset-11-libstdc-docs
  • oracle-linux-upgrade-gcc-toolset-11-libtsan-devel
  • oracle-linux-upgrade-gcc-toolset-11-libubsan-devel
  • oracle-linux-upgrade-gcc-toolset-12-gcc
  • oracle-linux-upgrade-gcc-toolset-12-gcc-c
  • oracle-linux-upgrade-gcc-toolset-12-gcc-gfortran
  • oracle-linux-upgrade-gcc-toolset-12-gcc-plugin-annobin
  • oracle-linux-upgrade-gcc-toolset-12-gcc-plugin-devel
  • oracle-linux-upgrade-gcc-toolset-12-libasan-devel
  • oracle-linux-upgrade-gcc-toolset-12-libatomic-devel
  • oracle-linux-upgrade-gcc-toolset-12-libgccjit
  • oracle-linux-upgrade-gcc-toolset-12-libgccjit-devel
  • oracle-linux-upgrade-gcc-toolset-12-libgccjit-docs
  • oracle-linux-upgrade-gcc-toolset-12-libitm-devel
  • oracle-linux-upgrade-gcc-toolset-12-liblsan-devel
  • oracle-linux-upgrade-gcc-toolset-12-libquadmath-devel
  • oracle-linux-upgrade-gcc-toolset-12-libstdc-devel
  • oracle-linux-upgrade-gcc-toolset-12-libstdc-docs
  • oracle-linux-upgrade-gcc-toolset-12-libtsan-devel
  • oracle-linux-upgrade-gcc-toolset-12-libubsan-devel
  • oracle-linux-upgrade-gcc-toolset-12-offload-nvptx
  • oracle-linux-upgrade-gcc-x86-64-linux-gnu
  • oracle-linux-upgrade-gcc-xtensa-linux-gnu
  • oracle-linux-upgrade-libasan
  • oracle-linux-upgrade-libasan6
  • oracle-linux-upgrade-libasan8
  • oracle-linux-upgrade-libatomic
  • oracle-linux-upgrade-libatomic-static
  • oracle-linux-upgrade-libgcc
  • oracle-linux-upgrade-libgccjit
  • oracle-linux-upgrade-libgccjit-devel
  • oracle-linux-upgrade-libgfortran
  • oracle-linux-upgrade-libgomp
  • oracle-linux-upgrade-libgomp-offload-nvptx
  • oracle-linux-upgrade-libitm
  • oracle-linux-upgrade-libitm-devel
  • oracle-linux-upgrade-liblsan
  • oracle-linux-upgrade-libquadmath
  • oracle-linux-upgrade-libquadmath-devel
  • oracle-linux-upgrade-libstdc
  • oracle-linux-upgrade-libstdc-devel
  • oracle-linux-upgrade-libstdc-docs
  • oracle-linux-upgrade-libstdc-static
  • oracle-linux-upgrade-libtsan
  • oracle-linux-upgrade-libtsan2
  • oracle-linux-upgrade-libubsan

References

  • https://attackerkb.com/topics/cve-2023-4039
  • CVE - 2023-4039
  • ELSA-2023-28766
  • ELSA-2023-12788
  • ELSA-2023-28765
  • 引用
  • Mention
    • 查看数 702
    • 已创建
    • 最后回复

    参与讨论

    你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
    注意:你的帖子需要版主批准后才能看到。

    游客
    回帖…
    转到主题列表