SUSE-SU-2023:3640-1

Source
https://www.suse.com/support/update/announcement/2023/suse-su-20233640-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:3640-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:3640-1
Related
Published
2023-09-18T11:58:42Z
Modified
2023-09-18T11:58:42Z
Summary
Security update for gcc12
Details

This update for gcc12 fixes the following issues:

  • CVE-2023-4039: Fixed incorrect stack protector for C99 VLAs on Aarch64 (bsc#1214052).
References

Affected packages

SUSE:Linux Enterprise Module for Toolchain 12 / cross-nvptx-gcc12

Package

Name
cross-nvptx-gcc12
Purl
pkg:rpm/suse/cross-nvptx-gcc12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Toolchain%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
12.3.0+git1204-1.13.1

Ecosystem specific

{
    "binaries": [
        {
            "gcc12-32bit": "12.3.0+git1204-1.13.1",
            "cross-nvptx-gcc12": "12.3.0+git1204-1.13.1",
            "gcc12-info": "12.3.0+git1204-1.13.1",
            "libstdc++6-devel-gcc12-32bit": "12.3.0+git1204-1.13.1",
            "gcc12-fortran": "12.3.0+git1204-1.13.1",
            "gcc12": "12.3.0+git1204-1.13.1",
            "gcc12-locale": "12.3.0+git1204-1.13.1",
            "gcc12-PIE": "12.3.0+git1204-1.13.1",
            "gcc12-fortran-32bit": "12.3.0+git1204-1.13.1",
            "gcc12-c++-32bit": "12.3.0+git1204-1.13.1",
            "libstdc++6-devel-gcc12": "12.3.0+git1204-1.13.1",
            "gcc12-c++": "12.3.0+git1204-1.13.1",
            "cross-nvptx-newlib12-devel": "12.3.0+git1204-1.13.1",
            "cpp12": "12.3.0+git1204-1.13.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Toolchain 12 / gcc12

Package

Name
gcc12
Purl
pkg:rpm/suse/gcc12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Toolchain%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
12.3.0+git1204-1.13.1

Ecosystem specific

{
    "binaries": [
        {
            "gcc12-32bit": "12.3.0+git1204-1.13.1",
            "cross-nvptx-gcc12": "12.3.0+git1204-1.13.1",
            "gcc12-info": "12.3.0+git1204-1.13.1",
            "libstdc++6-devel-gcc12-32bit": "12.3.0+git1204-1.13.1",
            "gcc12-fortran": "12.3.0+git1204-1.13.1",
            "gcc12": "12.3.0+git1204-1.13.1",
            "gcc12-locale": "12.3.0+git1204-1.13.1",
            "gcc12-PIE": "12.3.0+git1204-1.13.1",
            "gcc12-fortran-32bit": "12.3.0+git1204-1.13.1",
            "gcc12-c++-32bit": "12.3.0+git1204-1.13.1",
            "libstdc++6-devel-gcc12": "12.3.0+git1204-1.13.1",
            "gcc12-c++": "12.3.0+git1204-1.13.1",
            "cross-nvptx-newlib12-devel": "12.3.0+git1204-1.13.1",
            "cpp12": "12.3.0+git1204-1.13.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / gcc12

Package

Name
gcc12
Purl
pkg:rpm/suse/gcc12&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
12.3.0+git1204-1.13.1

Ecosystem specific

{
    "binaries": [
        {
            "libgfortran5": "12.3.0+git1204-1.13.1",
            "libstdc++6-pp": "12.3.0+git1204-1.13.1",
            "libgomp1": "12.3.0+git1204-1.13.1",
            "libtsan2": "12.3.0+git1204-1.13.1",
            "libstdc++6": "12.3.0+git1204-1.13.1",
            "libgcc_s1-32bit": "12.3.0+git1204-1.13.1",
            "libgomp1-32bit": "12.3.0+git1204-1.13.1",
            "libubsan1": "12.3.0+git1204-1.13.1",
            "libobjc4": "12.3.0+git1204-1.13.1",
            "libstdc++6-32bit": "12.3.0+git1204-1.13.1",
            "libatomic1": "12.3.0+git1204-1.13.1",
            "libasan8-32bit": "12.3.0+git1204-1.13.1",
            "libgfortran5-32bit": "12.3.0+git1204-1.13.1",
            "libhwasan0": "12.3.0+git1204-1.13.1",
            "libasan8": "12.3.0+git1204-1.13.1",
            "libitm1": "12.3.0+git1204-1.13.1",
            "libstdc++6-pp-32bit": "12.3.0+git1204-1.13.1",
            "libstdc++6-locale": "12.3.0+git1204-1.13.1",
            "libgcc_s1": "12.3.0+git1204-1.13.1",
            "libquadmath0": "12.3.0+git1204-1.13.1",
            "libatomic1-32bit": "12.3.0+git1204-1.13.1",
            "libobjc4-32bit": "12.3.0+git1204-1.13.1",
            "libquadmath0-32bit": "12.3.0+git1204-1.13.1",
            "libitm1-32bit": "12.3.0+git1204-1.13.1",
            "liblsan0": "12.3.0+git1204-1.13.1",
            "libubsan1-32bit": "12.3.0+git1204-1.13.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / gcc12

Package

Name
gcc12
Purl
pkg:rpm/suse/gcc12&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
12.3.0+git1204-1.13.1

Ecosystem specific

{
    "binaries": [
        {
            "libgfortran5": "12.3.0+git1204-1.13.1",
            "libstdc++6-pp": "12.3.0+git1204-1.13.1",
            "libgomp1": "12.3.0+git1204-1.13.1",
            "libtsan2": "12.3.0+git1204-1.13.1",
            "libstdc++6": "12.3.0+git1204-1.13.1",
            "libgcc_s1-32bit": "12.3.0+git1204-1.13.1",
            "libgomp1-32bit": "12.3.0+git1204-1.13.1",
            "libubsan1": "12.3.0+git1204-1.13.1",
            "libobjc4": "12.3.0+git1204-1.13.1",
            "libstdc++6-32bit": "12.3.0+git1204-1.13.1",
            "libatomic1": "12.3.0+git1204-1.13.1",
            "libasan8-32bit": "12.3.0+git1204-1.13.1",
            "libgfortran5-32bit": "12.3.0+git1204-1.13.1",
            "libhwasan0": "12.3.0+git1204-1.13.1",
            "libasan8": "12.3.0+git1204-1.13.1",
            "libitm1": "12.3.0+git1204-1.13.1",
            "libstdc++6-pp-32bit": "12.3.0+git1204-1.13.1",
            "libstdc++6-locale": "12.3.0+git1204-1.13.1",
            "libgcc_s1": "12.3.0+git1204-1.13.1",
            "libquadmath0": "12.3.0+git1204-1.13.1",
            "libatomic1-32bit": "12.3.0+git1204-1.13.1",
            "libobjc4-32bit": "12.3.0+git1204-1.13.1",
            "libquadmath0-32bit": "12.3.0+git1204-1.13.1",
            "libitm1-32bit": "12.3.0+git1204-1.13.1",
            "liblsan0": "12.3.0+git1204-1.13.1",
            "libubsan1-32bit": "12.3.0+git1204-1.13.1"
        }
    ]
}