• Advisory ID (KylinSec-SA-2025-1249)

Summary:

gcc security update

Severity: Medium

Advisory ID: KylinSec-SA-2025-1249

Release date: March 6, 2025

Related CVE: CVE-2023-4039

  • Details

1. Vulnerability description

   

The gcc package contains the GNU Compiler Collection version 12. You'll need this package in order to compile C code.

Security Fix(es):



**DISPUTED** A failure in the -fstack-protector feature in GCC-based toolchains
that target AArch64 allows an attacker to exploit an existing buffer
overflow in dynamically-sized local variables in your application
without this being detected. This stack-protector failure only applies
to C99-style dynamically-sized local variables or those created using
alloca(). The stack-protector operates as intended for statically-sized
local variables.

The default behavior when the stack-protector
detects an overflow is to terminate your application, resulting in
controlled loss of availability. An attacker who can exploit a buffer
overflow without triggering the stack-protector might be able to change
program flow control to cause an uncontrolled loss of availability or to
go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.





(CVE-2023-4039)

2. Affected scope

CVE Product Component Affected status
CVE-2023-4039 V6 gcc Fixed

3. Affected components

    gcc

4. Fixed versions

   

V6

Package Architecture Version
cpp x86_64 12.3.1-38.ks6.kb1
gcc x86_64 12.3.1-38.ks6.kb1
gcc-c++ x86_64 12.3.1-38.ks6.kb1
gcc-gdb-plugin x86_64 12.3.1-38.ks6.kb1
gcc-gfortran x86_64 12.3.1-38.ks6.kb1
gcc-objc++ x86_64 12.3.1-38.ks6.kb1
gcc-objc x86_64 12.3.1-38.ks6.kb1
gcc-plugin-devel x86_64 12.3.1-38.ks6.kb1
libasan x86_64 12.3.1-38.ks6.kb1
libasan-static x86_64 12.3.1-38.ks6.kb1
libatomic x86_64 12.3.1-38.ks6.kb1
libatomic-static x86_64 12.3.1-38.ks6.kb1
libgcc x86_64 12.3.1-38.ks6.kb1
libgccjit x86_64 12.3.1-38.ks6.kb1
libgccjit-devel x86_64 12.3.1-38.ks6.kb1
libgfortran x86_64 12.3.1-38.ks6.kb1
libgfortran-static x86_64 12.3.1-38.ks6.kb1
libgomp x86_64 12.3.1-38.ks6.kb1
libitm x86_64 12.3.1-38.ks6.kb1
libitm-devel x86_64 12.3.1-38.ks6.kb1
libitm-static x86_64 12.3.1-38.ks6.kb1
liblsan x86_64 12.3.1-38.ks6.kb1
liblsan-static x86_64 12.3.1-38.ks6.kb1
libobjc x86_64 12.3.1-38.ks6.kb1
libquadmath x86_64 12.3.1-38.ks6.kb1
libquadmath-devel x86_64 12.3.1-38.ks6.kb1
libquadmath-static x86_64 12.3.1-38.ks6.kb1
libstdc++ x86_64 12.3.1-38.ks6.kb1
libstdc++-devel x86_64 12.3.1-38.ks6.kb1
libstdc++-static x86_64 12.3.1-38.ks6.kb1
libtsan x86_64 12.3.1-38.ks6.kb1
libtsan-static x86_64 12.3.1-38.ks6.kb1
libubsan x86_64 12.3.1-38.ks6.kb1
libubsan-static x86_64 12.3.1-38.ks6.kb1
cpp aarch64 12.3.1-38.ks6.kb1
gcc aarch64 12.3.1-38.ks6.kb1
gcc-c++ aarch64 12.3.1-38.ks6.kb1
gcc-gdb-plugin aarch64 12.3.1-38.ks6.kb1
gcc-gfortran aarch64 12.3.1-38.ks6.kb1
gcc-objc++ aarch64 12.3.1-38.ks6.kb1
gcc-objc aarch64 12.3.1-38.ks6.kb1
gcc-plugin-devel aarch64 12.3.1-38.ks6.kb1
libasan aarch64 12.3.1-38.ks6.kb1
libasan-static aarch64 12.3.1-38.ks6.kb1
libatomic aarch64 12.3.1-38.ks6.kb1
libatomic-static aarch64 12.3.1-38.ks6.kb1
libgcc aarch64 12.3.1-38.ks6.kb1
libgccjit aarch64 12.3.1-38.ks6.kb1
libgccjit-devel aarch64 12.3.1-38.ks6.kb1
libgfortran aarch64 12.3.1-38.ks6.kb1
libgfortran-static aarch64 12.3.1-38.ks6.kb1
libgomp aarch64 12.3.1-38.ks6.kb1
libitm aarch64 12.3.1-38.ks6.kb1
libitm-devel aarch64 12.3.1-38.ks6.kb1
libitm-static aarch64 12.3.1-38.ks6.kb1
liblsan aarch64 12.3.1-38.ks6.kb1
liblsan-static aarch64 12.3.1-38.ks6.kb1
libobjc aarch64 12.3.1-38.ks6.kb1
libquadmath aarch64 12.3.1-38.ks6.kb1
libquadmath-devel aarch64 12.3.1-38.ks6.kb1
libquadmath-static aarch64 12.3.1-38.ks6.kb1
libstdc++ aarch64 12.3.1-38.ks6.kb1
libstdc++-devel aarch64 12.3.1-38.ks6.kb1
libstdc++-static aarch64 12.3.1-38.ks6.kb1
libtsan aarch64 12.3.1-38.ks6.kb1
libtsan-static aarch64 12.3.1-38.ks6.kb1
libubsan aarch64 12.3.1-38.ks6.kb1
libubsan-static aarch64 12.3.1-38.ks6.kb1

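5. Remediation

Method 1: Download the packages and upgrade
1. Download the required update package from the download links and save it, e.g. xxx.rpm
2. Upgrade with the rpm command, e.g. rpm -Uvh xxx.rpm

Method 2: Upgrade from the software repository
1. Make sure the system can reach the Internet
2. Upgrade the specified package with the yum command, e.g. yum install <package name>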
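
To confirm that the upgrade took effect, the following added example (not part of the original advisory) compares installed gcc-family packages against the fixed build 12.3.1-38.ks6.kb1 from the version table. It assumes GNU `sort -V` ordering is close enough to RPM's version comparison for strings of this shape; `PKGS` is only a subset of the advisory's package list, and the function names are illustrative.

```sh
#!/bin/sh
# Added example: check gcc-family packages against this advisory's fixed build.
FIXED="12.3.1-38.ks6.kb1"   # from the advisory's fixed-version table

# Subset of the advisory's package list (assumption: extend as needed).
PKGS="cpp gcc gcc-c++ libgcc libstdc++ libgomp libatomic"

# version_ge A B: succeeds when A >= B.
# Assumption: GNU `sort -V` approximates RPM's version ordering here.
version_ge() {
    [ "$1" = "$2" ] && return 0
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
}

# classify VERSION-RELEASE: prints fixed, outdated, or absent (empty input).
classify() {
    if [ -z "$1" ]; then
        echo absent
    elif version_ge "$1" "$FIXED"; then
        echo fixed
    else
        echo outdated
    fi
}

# installed_vr PKG: prints VERSION-RELEASE of an installed package, else nothing.
installed_vr() {
    rpm -q --qf '%{VERSION}-%{RELEASE}\n' "$1" 2>/dev/null |
        grep -v 'is not installed' | head -n 1
}

# report: one line per package; returns 1 if any package is outdated.
report() {
    rc=0
    for pkg in $PKGS; do
        status=$(classify "$(installed_vr "$pkg")")
        printf '%-12s %s\n' "$pkg" "$status"
        if [ "$status" = outdated ]; then rc=1; fi
    done
    return "$rc"
}

# Run the report only when asked, e.g.: sh check_gcc.sh --report
if [ "${1:-}" = "--report" ]; then report; fi
```

Run it with `--report` on the target host. Because the stack protector is emitted at compile time, AArch64 binaries built with -fstack-protector before the upgrade are unchanged until they are recompiled.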

6. Download links

V6:

x86_64: cpp, gcc, gcc-c++, gcc-gdb-plugin, gcc-gfortran, gcc-objc++, gcc-objc, gcc-plugin-devel, libasan, libasan-static, libatomic, libatomic-static, libgcc, libgccjit, libgccjit-devel, libgfortran, libgfortran-static, libgomp, libitm, libitm-devel, libitm-static, liblsan, liblsan-static, libobjc, libquadmath, libquadmath-devel, libquadmath-static, libstdc++, libstdc++-devel, libstdc++-static, libtsan, libtsan-static, libubsan, libubsan-static

aarch64: cpp, gcc, gcc-c++, gcc-gdb-plugin, gcc-gfortran, gcc-objc++, gcc-objc, gcc-plugin-devel, libasan, libasan-static, libatomic, libatomic-static, libgcc, libgccjit, libgccjit-devel, libgfortran, libgfortran-static, libgomp, libitm, libitm-devel, libitm-static, liblsan, liblsan-static, libobjc, libquadmath, libquadmath-devel, libquadmath-static, libstdc++, libstdc++-devel, libstdc++-static, libtsan, libtsan-static, libubsan, libubsan-static
