Main Vulnerability Database SB2023111641

SB2023111641 - SUSE update for gcc13

Published: November 16, 2023

Security Bulletin ID SB2023111641

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Security features bypass (CVE-ID: CVE-2023-4039)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to the GCC's stack smashing protection does not detect or defend against overflows of dynamically-sized local variables on AArch64 targets. A remote attacker can bypass expected security restrictions and successfully exploit buffer overflow vulnerabilities.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2023/suse-su-20234458-1/

Vulnerable Software

SUSE Linux Enterprise Micro: 5.1 - 6.0
openSUSE Leap Micro: 5.3 - 5.4
Development Tools Module: 15-SP4 - 15-SP5
SUSE Package Hub 15: 15-SP4 - 15-SP5
Basesystem Module: 15-SP4 - 15-SP5
SUSE Linux Enterprise Micro for Rancher: 5.2 - 5.4
SUSE Linux Enterprise Server for SAP Applications 15: SP1 - SP5
SUSE Linux Enterprise Server 15: SP1 - SP5
SUSE Linux Enterprise Real Time 15: SP4 - SP5
SUSE Linux Enterprise High Performance Computing 15: SP1 - SP5
SUSE Linux Enterprise Desktop 15: SP4 - SP5
SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15 SP1 LTSS: 15-SP1
SUSE Linux Enterprise High Performance Computing LTSS 15: SP3
SUSE Linux Enterprise High Performance Computing ESPOS 15: SP3
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS: 15-SP1
openSUSE Leap: 15.4 - 15.5
SUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
SUSE CaaS Platform: 4.0
libquadmath0: before 13.2.1+git7813-150000.1.6.1
libquadmath0-debuginfo: before 13.2.1+git7813-150000.1.6.1
libhwasan0-debuginfo: before 13.2.1+git7813-150000.1.6.1
libhwasan0: before 13.2.1+git7813-150000.1.6.1
gcc13-info: before 13.2.1+git7813-150000.1.6.1
libgdruntime4-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgphobos4: before 13.2.1+git7813-150000.1.6.1
libgphobos4-debuginfo: before 13.2.1+git7813-150000.1.6.1
gcc13-d: before 13.2.1+git7813-150000.1.6.1
gcc13-d-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgdruntime4: before 13.2.1+git7813-150000.1.6.1
libasan8-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
gcc13-obj-c++-32bit: before 13.2.1+git7813-150000.1.6.1
gcc13-32bit: before 13.2.1+git7813-150000.1.6.1
libm2log18-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgfortran5-32bit: before 13.2.1+git7813-150000.1.6.1
libitm1-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
gcc13-ada-32bit: before 13.2.1+git7813-150000.1.6.1
libm2min18-32bit: before 13.2.1+git7813-150000.1.6.1
libstdc++6-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libstdc++6-pp-32bit: before 13.2.1+git7813-150000.1.6.1
libada13-32bit: before 13.2.1+git7813-150000.1.6.1
libm2iso18-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgcc_s1-32bit: before 13.2.1+git7813-150000.1.6.1
libstdc++6-devel-gcc13-32bit: before 13.2.1+git7813-150000.1.6.1
libubsan1-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libitm1-32bit: before 13.2.1+git7813-150000.1.6.1
libgo22-32bit: before 13.2.1+git7813-150000.1.6.1
gcc13-d-32bit: before 13.2.1+git7813-150000.1.6.1
libgomp1-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libasan8-32bit: before 13.2.1+git7813-150000.1.6.1
gcc13-fortran-32bit: before 13.2.1+git7813-150000.1.6.1
gcc13-c++-32bit: before 13.2.1+git7813-150000.1.6.1
libm2iso18-32bit: before 13.2.1+git7813-150000.1.6.1
libgdruntime4-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgo22-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
gcc13-m2-32bit: before 13.2.1+git7813-150000.1.6.1
libobjc4-32bit: before 13.2.1+git7813-150000.1.6.1
libgomp1-32bit: before 13.2.1+git7813-150000.1.6.1
gcc13-objc-32bit: before 13.2.1+git7813-150000.1.6.1
libstdc++6-32bit: before 13.2.1+git7813-150000.1.6.1
libgcc_s1-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libobjc4-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgphobos4-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgdruntime4-32bit: before 13.2.1+git7813-150000.1.6.1
libm2min18-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libm2cor18-32bit: before 13.2.1+git7813-150000.1.6.1
libm2pim18-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libm2log18-32bit: before 13.2.1+git7813-150000.1.6.1
gcc13-go-32bit: before 13.2.1+git7813-150000.1.6.1
libatomic1-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgphobos4-32bit: before 13.2.1+git7813-150000.1.6.1
libubsan1-32bit: before 13.2.1+git7813-150000.1.6.1
libatomic1-32bit: before 13.2.1+git7813-150000.1.6.1
libm2pim18-32bit: before 13.2.1+git7813-150000.1.6.1
libgfortran5-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libada13-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libm2cor18-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
cross-nvptx-gcc13-debugsource: before 13.2.1+git7813-150000.1.6.1
cross-nvptx-newlib13-devel: before 13.2.1+git7813-150000.1.6.1
cross-nvptx-gcc13-debuginfo: before 13.2.1+git7813-150000.1.6.1
libquadmath0-32bit-debuginfo: before 13.2.1+git7813-150000.1.6.1
libquadmath0-32bit: before 13.2.1+git7813-150000.1.6.1
cross-nvptx-gcc13: before 13.2.1+git7813-150000.1.6.1
gcc13: before 13.2.1+git7813-150000.1.6.1
gcc13-fortran: before 13.2.1+git7813-150000.1.6.1
libm2pim18: before 13.2.1+git7813-150000.1.6.1
libm2min18: before 13.2.1+git7813-150000.1.6.1
gcc13-locale: before 13.2.1+git7813-150000.1.6.1
libtsan2: before 13.2.1+git7813-150000.1.6.1
gcc13-m2-debuginfo: before 13.2.1+git7813-150000.1.6.1
gcc13-PIE: before 13.2.1+git7813-150000.1.6.1
libm2cor18: before 13.2.1+git7813-150000.1.6.1
gcc13-go: before 13.2.1+git7813-150000.1.6.1
libm2pim18-debuginfo: before 13.2.1+git7813-150000.1.6.1
gcc13-objc: before 13.2.1+git7813-150000.1.6.1
libm2min18-debuginfo: before 13.2.1+git7813-150000.1.6.1
libm2log18: before 13.2.1+git7813-150000.1.6.1
libitm1: before 13.2.1+git7813-150000.1.6.1
gcc13-objc-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgfortran5: before 13.2.1+git7813-150000.1.6.1
gcc13-obj-c++: before 13.2.1+git7813-150000.1.6.1
libubsan1: before 13.2.1+git7813-150000.1.6.1
libm2iso18-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgomp1-debuginfo: before 13.2.1+git7813-150000.1.6.1
cpp13-debuginfo: before 13.2.1+git7813-150000.1.6.1
gcc13-fortran-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgfortran5-debuginfo: before 13.2.1+git7813-150000.1.6.1
libubsan1-debuginfo: before 13.2.1+git7813-150000.1.6.1
libtsan2-debuginfo: before 13.2.1+git7813-150000.1.6.1
libasan8-debuginfo: before 13.2.1+git7813-150000.1.6.1
gcc13-m2: before 13.2.1+git7813-150000.1.6.1
libasan8: before 13.2.1+git7813-150000.1.6.1
libm2log18-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgomp1: before 13.2.1+git7813-150000.1.6.1
gcc13-ada-debuginfo: before 13.2.1+git7813-150000.1.6.1
gcc13-ada: before 13.2.1+git7813-150000.1.6.1
gcc13-c++: before 13.2.1+git7813-150000.1.6.1
gcc13-go-debuginfo: before 13.2.1+git7813-150000.1.6.1
libstdc++6-pp: before 13.2.1+git7813-150000.1.6.1
libobjc4-debuginfo: before 13.2.1+git7813-150000.1.6.1
libm2iso18: before 13.2.1+git7813-150000.1.6.1
libitm1-debuginfo: before 13.2.1+git7813-150000.1.6.1
libstdc++6-locale: before 13.2.1+git7813-150000.1.6.1
libatomic1-debuginfo: before 13.2.1+git7813-150000.1.6.1
libada13: before 13.2.1+git7813-150000.1.6.1
libgo22-debuginfo: before 13.2.1+git7813-150000.1.6.1
gcc13-c++-debuginfo: before 13.2.1+git7813-150000.1.6.1
libm2cor18-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgo22: before 13.2.1+git7813-150000.1.6.1
gcc13-obj-c++-debuginfo: before 13.2.1+git7813-150000.1.6.1
libatomic1: before 13.2.1+git7813-150000.1.6.1
libada13-debuginfo: before 13.2.1+git7813-150000.1.6.1
libobjc4: before 13.2.1+git7813-150000.1.6.1
liblsan0-debuginfo: before 13.2.1+git7813-150000.1.6.1
cpp13: before 13.2.1+git7813-150000.1.6.1
liblsan0: before 13.2.1+git7813-150000.1.6.1
libstdc++6-devel-gcc13: before 13.2.1+git7813-150000.1.6.1
libgcc_s1: before 13.2.1+git7813-150000.1.6.1
libstdc++6: before 13.2.1+git7813-150000.1.6.1
libstdc++6-debuginfo: before 13.2.1+git7813-150000.1.6.1
libgcc_s1-debuginfo: before 13.2.1+git7813-150000.1.6.1
gcc13-debuginfo: before 13.2.1+git7813-150000.1.6.1
gcc13-debugsource: before 13.2.1+git7813-150000.1.6.1