Vulnerabilities > CVE-2017-11671 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in GNU GCC
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 13 |
Common Weakness Enumeration (CWE)
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2017-32A4A94C72.NASL description Fixes CVE-2017-11671. Fixed bugs (http://gcc.gnu.org/PRNNNNN): 31468, 43434, 45053, 49244, 50345, 53915, 56469, 60818, 60992, 61636, 61729, 62045, 64238, 65542, 65705, 65972, 66295, 66669, 67353, 67440, 68163, 68491, 68972, 69264, 69699, 69804, 69823, 69953, 70601, 70844, 70878, 71294, 71310, 71444, 71458, 71510, 71778, 71838, 72775, 73650, 75964, 76731, 77333, 77563, 77728, 77850, 78002, 78049, 78236, 78282, 78331, 78339, 78474, 78532, 78543, 78644, 78783, 78992, 79027, 79050, 79141, 79155, 79255, 79256, 79261, 79264, 79396, 79434, 79439, 79453, 79461, 79494, 79508, 79511, 79512, 79514, 79519, 79536, 79537, 79544, 79545, 79548, 79552, 79558, 79559, 79562, 79566, 79568, 79570, 79572, 79574, 79576, 79577, 79579, 79580, 79587, 79607, 79631, 79639, 79640, 79641, 79664, 79666, 79676, 79681, 79687, 79729, 79732, 79733, 79749, 79752, 79753, 79756, 79760, 79761, 79769, 79770, 79789, 79796, 79803, 79807, 79831, 79849, 79850, 79883, 79892, 79894, 79896, 79900, 79901, 79903, 79906, 79931, 79932, 79940, 79944, 79945, 79947, 79951, 79962, 79971, 79977, 79980, 79984, 80004, 80019, 80025, 80034, 80037, 80041, 80043, 80067, 80075, 80081, 80082, 80090, 80091, 80092, 80094, 80097, 80101, 80103, 80104, 80112, 80113, 80117, 80122, 80123, 80129, 80137, 80141, 80150, 80166, 80167, 80168, 80170, 80171, 80176, 80179, 80180, 80181, 80205, 80212, 80218, 80222, 80224, 80241, 80244, 80246, 80262, 80267, 80275, 80281, 80286, 80294, 80297, 80298, 80315, 80316, 80321, 80334, 80341, 80348, 80349, 80350, 80361, 80362, 80363, 80376, 80382, 80385, 80392, 80394, 80413, 80426, 80429, 80448, 80453, 80462, 80474, 80492, 80493, 80501, 80504, 80510, 80539, 80569, 80589, 80618, 80663, 80678, 80692, 80718, 80752, 80799, 80809, 80822, 80853, 80902, 80904, 80909, 80918, 80921, 80929, 80966, 80968, 80973, 80984, 81002, 81006, 81011, 81130, 81154, 81162, 81192, 81300, 81305, 81375, 81407, 81471, 81487, 81555, 81556 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-08-02 plugin id 102099 published 2017-08-02 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102099 title Fedora 25 : gcc / gcc-python-plugin / libtool (2017-32a4a94c72) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2017-32a4a94c72. # include("compat.inc"); if (description) { script_id(102099); script_version("3.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-11671"); script_xref(name:"FEDORA", value:"2017-32a4a94c72"); script_name(english:"Fedora 25 : gcc / gcc-python-plugin / libtool (2017-32a4a94c72)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Fixes CVE-2017-11671. Fixed bugs (http://gcc.gnu.org/PRNNNNN): 31468, 43434, 45053, 49244, 50345, 53915, 56469, 60818, 60992, 61636, 61729, 62045, 64238, 65542, 65705, 65972, 66295, 66669, 67353, 67440, 68163, 68491, 68972, 69264, 69699, 69804, 69823, 69953, 70601, 70844, 70878, 71294, 71310, 71444, 71458, 71510, 71778, 71838, 72775, 73650, 75964, 76731, 77333, 77563, 77728, 77850, 78002, 78049, 78236, 78282, 78331, 78339, 78474, 78532, 78543, 78644, 78783, 78992, 79027, 79050, 79141, 79155, 79255, 79256, 79261, 79264, 79396, 79434, 79439, 79453, 79461, 79494, 79508, 79511, 79512, 79514, 79519, 79536, 79537, 79544, 79545, 79548, 79552, 79558, 79559, 79562, 79566, 79568, 79570, 79572, 79574, 79576, 79577, 79579, 79580, 79587, 79607, 79631, 79639, 79640, 79641, 79664, 79666, 79676, 79681, 79687, 79729, 79732, 79733, 79749, 79752, 79753, 79756, 79760, 79761, 79769, 79770, 79789, 79796, 79803, 79807, 79831, 79849, 79850, 79883, 79892, 79894, 79896, 79900, 79901, 79903, 79906, 79931, 79932, 79940, 79944, 79945, 79947, 79951, 79962, 79971, 79977, 79980, 79984, 80004, 80019, 80025, 80034, 80037, 80041, 80043, 80067, 80075, 80081, 80082, 80090, 80091, 80092, 80094, 80097, 80101, 80103, 80104, 80112, 80113, 80117, 80122, 80123, 80129, 80137, 80141, 80150, 80166, 80167, 80168, 80170, 80171, 80176, 80179, 80180, 80181, 80205, 80212, 80218, 80222, 80224, 80241, 80244, 80246, 80262, 80267, 80275, 80281, 80286, 80294, 80297, 80298, 80315, 80316, 80321, 80334, 80341, 80348, 80349, 80350, 80361, 80362, 80363, 80376, 80382, 80385, 80392, 80394, 80413, 80426, 80429, 80448, 80453, 80462, 80474, 80492, 80493, 80501, 80504, 80510, 80539, 80569, 80589, 80618, 80663, 80678, 80692, 80718, 80752, 80799, 80809, 80822, 80853, 80902, 80904, 80909, 80918, 80921, 80929, 80966, 80968, 80973, 80984, 81002, 81006, 81011, 81130, 81154, 81162, 81192, 81300, 81305, 81375, 81407, 81471, 81487, 81555, 81556 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"http://gcc.gnu.org/PRNNNNN" ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2017-32a4a94c72" ); script_set_attribute( attribute:"solution", value:"Update the affected gcc, gcc-python-plugin and / or libtool packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gcc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gcc-python-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libtool"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:25"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/07/26"); script_set_attribute(attribute:"patch_publication_date", value:"2017/08/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/02"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^25([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 25", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC25", reference:"gcc-6.4.1-1.fc25")) flag++; if (rpm_check(release:"FC25", reference:"gcc-python-plugin-0.15-8.2.fc25")) flag++; if (rpm_check(release:"FC25", reference:"libtool-2.4.6-14.fc25")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_NOTE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gcc / gcc-python-plugin / libtool"); }
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1174.NASL description According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The gcc package contains the GNU Compiler Collection version 4.8.You last seen 2020-05-06 modified 2018-07-02 plugin id 110826 published 2018-07-02 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110826 title EulerOS 2.0 SP3 : gcc (EulerOS-SA-2018-1174) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(110826); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04"); script_cve_id( "CVE-2017-11671" ); script_name(english:"EulerOS 2.0 SP3 : gcc (EulerOS-SA-2018-1174)"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The gcc package contains the GNU Compiler Collection version 4.8.You'll need this package in order to compile C code. - Security fix(es): - Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation.(CVE-2017-11671) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1174 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?62273d79"); script_set_attribute(attribute:"solution", value: "Update the affected gcc packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"); script_set_attribute(attribute:"patch_publication_date", value:"2018/06/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/07/02"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:cpp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gcc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gcc-c++"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gcc-gfortran"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gcc-gnat"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gcc-go"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gcc-objc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gcc-objc++"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libatomic"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libatomic-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libgcc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libgfortran"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libgnat"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libgnat-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libgo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libgo-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libgomp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libitm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libitm-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libobjc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libquadmath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libquadmath-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libstdc++"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libstdc++-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libstdc++-docs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp"); script_exclude_keys("Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0"); sp = get_kb_item("Host/EulerOS/sp"); if (isnull(sp) || sp !~ "^(3)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3", "EulerOS UVP " + uvp); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu); flag = 0; pkgs = ["cpp-4.8.5-4.h8", "gcc-4.8.5-4.h8", "gcc-c++-4.8.5-4.h8", "gcc-gfortran-4.8.5-4.h8", "gcc-gnat-4.8.5-4.h8", "gcc-go-4.8.5-4.h8", "gcc-objc++-4.8.5-4.h8", "gcc-objc-4.8.5-4.h8", "libatomic-4.8.5-4.h8", "libatomic-static-4.8.5-4.h8", "libgcc-4.8.5-4.h8", "libgfortran-4.8.5-4.h8", "libgnat-4.8.5-4.h8", "libgnat-devel-4.8.5-4.h8", "libgo-4.8.5-4.h8", "libgo-devel-4.8.5-4.h8", "libgomp-4.8.5-4.h8", "libitm-4.8.5-4.h8", "libitm-devel-4.8.5-4.h8", "libobjc-4.8.5-4.h8", "libquadmath-4.8.5-4.h8", "libquadmath-devel-4.8.5-4.h8", "libstdc++-4.8.5-4.h8", "libstdc++-devel-4.8.5-4.h8", "libstdc++-docs-4.8.5-4.h8"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", sp:"3", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_NOTE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gcc"); }
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-0849.NASL description From Red Hat Security Advisory 2018:0849 : An update for gcc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix(es) : * gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics (CVE-2017-11671) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 109108 published 2018-04-18 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109108 title Oracle Linux 7 : gcc (ELSA-2018-0849) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2018:0849 and # Oracle Linux Security Advisory ELSA-2018-0849 respectively. # include("compat.inc"); if (description) { script_id(109108); script_version("1.2"); script_cvs_date("Date: 2019/09/27 13:00:38"); script_cve_id("CVE-2017-11671"); script_xref(name:"RHSA", value:"2018:0849"); script_name(english:"Oracle Linux 7 : gcc (ELSA-2018-0849)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2018:0849 : An update for gcc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix(es) : * gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics (CVE-2017-11671) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2018-April/007613.html" ); script_set_attribute(attribute:"solution", value:"Update the affected gcc packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:cpp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gcc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gcc-c++"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gcc-gfortran"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gcc-gnat"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gcc-go"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gcc-objc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gcc-objc++"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gcc-plugin-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libasan"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libasan-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libatomic"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libatomic-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libgcc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libgfortran"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libgfortran-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libgnat"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libgnat-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libgnat-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libgo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libgo-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libgo-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libgomp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libitm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libitm-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libitm-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libmudflap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libmudflap-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libmudflap-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libobjc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libquadmath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libquadmath-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libquadmath-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libstdc++"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libstdc++-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libstdc++-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libstdc++-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libtsan"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libtsan-static"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/07/26"); script_set_attribute(attribute:"patch_publication_date", value:"2018/04/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/18"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 7", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu); flag = 0; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"cpp-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"gcc-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"gcc-c++-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"gcc-gfortran-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"gcc-gnat-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"gcc-go-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"gcc-objc-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"gcc-objc++-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"gcc-plugin-devel-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libasan-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libasan-static-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libatomic-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libatomic-static-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libgcc-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libgfortran-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libgfortran-static-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libgnat-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libgnat-devel-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libgnat-static-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libgo-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libgo-devel-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libgo-static-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libgomp-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libitm-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libitm-devel-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libitm-static-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libmudflap-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libmudflap-devel-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libmudflap-static-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libobjc-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libquadmath-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libquadmath-devel-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libquadmath-static-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libstdc++-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libstdc++-devel-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libstdc++-docs-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libstdc++-static-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libtsan-4.8.5-28.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libtsan-static-4.8.5-28.el7")) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get()); else security_note(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cpp / gcc / gcc-c++ / gcc-gfortran / gcc-gnat / gcc-go / gcc-objc / etc"); }
NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0023_GCC.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gcc packages installed that are affected by a vulnerability: - Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation. (CVE-2017-11671) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127181 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127181 title NewStart CGSL CORE 5.04 / MAIN 5.04 : gcc Vulnerability (NS-SA-2019-0023) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from ZTE advisory NS-SA-2019-0023. The text # itself is copyright (C) ZTE, Inc. include("compat.inc"); if (description) { script_id(127181); script_version("1.2"); script_cvs_date("Date: 2019/10/17 14:31:04"); script_cve_id("CVE-2017-11671"); script_name(english:"NewStart CGSL CORE 5.04 / MAIN 5.04 : gcc Vulnerability (NS-SA-2019-0023)"); script_set_attribute(attribute:"synopsis", value: "The remote machine is affected by a vulnerability."); script_set_attribute(attribute:"description", value: "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gcc packages installed that are affected by a vulnerability: - Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation. (CVE-2017-11671) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"http://security.gd-linux.com/notice/NS-SA-2019-0023"); script_set_attribute(attribute:"solution", value: "Upgrade the vulnerable CGSL gcc packages. Note that updated packages may not be available yet. Please contact ZTE for more information."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-11671"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/07/26"); script_set_attribute(attribute:"patch_publication_date", value:"2019/07/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12"); script_set_attribute(attribute:"plugin_type", value:"local"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"NewStart CGSL Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/ZTE-CGSL/release"); if (isnull(release) || release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, "NewStart Carrier Grade Server Linux"); if (release !~ "CGSL CORE 5.04" && release !~ "CGSL MAIN 5.04") audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04'); if (!get_kb_item("Host/ZTE-CGSL/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "NewStart Carrier Grade Server Linux", cpu); flag = 0; pkgs = { "CGSL CORE 5.04": [ "cpp-4.8.5-28.el7_5.1", "gcc-4.8.5-28.el7_5.1", "gcc-base-debuginfo-4.8.5-28.el7_5.1", "gcc-c++-4.8.5-28.el7_5.1", "gcc-debuginfo-4.8.5-28.el7_5.1", "gcc-gfortran-4.8.5-28.el7_5.1", "gcc-gnat-4.8.5-28.el7_5.1", "gcc-go-4.8.5-28.el7_5.1", "gcc-objc-4.8.5-28.el7_5.1", "gcc-objc++-4.8.5-28.el7_5.1", "gcc-plugin-devel-4.8.5-28.el7_5.1", "libasan-4.8.5-28.el7_5.1", "libasan-static-4.8.5-28.el7_5.1", "libatomic-4.8.5-28.el7_5.1", "libatomic-static-4.8.5-28.el7_5.1", "libgcc-4.8.5-28.el7_5.1", "libgfortran-4.8.5-28.el7_5.1", "libgfortran-static-4.8.5-28.el7_5.1", "libgnat-4.8.5-28.el7_5.1", "libgnat-devel-4.8.5-28.el7_5.1", "libgnat-static-4.8.5-28.el7_5.1", "libgo-4.8.5-28.el7_5.1", "libgo-devel-4.8.5-28.el7_5.1", "libgo-static-4.8.5-28.el7_5.1", "libgomp-4.8.5-28.el7_5.1", "libitm-4.8.5-28.el7_5.1", "libitm-devel-4.8.5-28.el7_5.1", "libitm-static-4.8.5-28.el7_5.1", "libmudflap-4.8.5-28.el7_5.1", "libmudflap-devel-4.8.5-28.el7_5.1", "libmudflap-static-4.8.5-28.el7_5.1", "libobjc-4.8.5-28.el7_5.1", "libquadmath-4.8.5-28.el7_5.1", "libquadmath-devel-4.8.5-28.el7_5.1", "libquadmath-static-4.8.5-28.el7_5.1", "libstdc++-4.8.5-28.el7_5.1", "libstdc++-devel-4.8.5-28.el7_5.1", "libstdc++-docs-4.8.5-28.el7_5.1", "libstdc++-static-4.8.5-28.el7_5.1", "libtsan-4.8.5-28.el7_5.1", "libtsan-static-4.8.5-28.el7_5.1" ], "CGSL MAIN 5.04": [ "cpp-4.8.5-28.el7_5.1", "gcc-4.8.5-28.el7_5.1", "gcc-base-debuginfo-4.8.5-28.el7_5.1", "gcc-c++-4.8.5-28.el7_5.1", "gcc-debuginfo-4.8.5-28.el7_5.1", "gcc-gfortran-4.8.5-28.el7_5.1", "gcc-gnat-4.8.5-28.el7_5.1", "gcc-go-4.8.5-28.el7_5.1", "gcc-objc-4.8.5-28.el7_5.1", "gcc-objc++-4.8.5-28.el7_5.1", "gcc-plugin-devel-4.8.5-28.el7_5.1", "libasan-4.8.5-28.el7_5.1", "libasan-static-4.8.5-28.el7_5.1", "libatomic-4.8.5-28.el7_5.1", "libatomic-static-4.8.5-28.el7_5.1", "libgcc-4.8.5-28.el7_5.1", "libgfortran-4.8.5-28.el7_5.1", "libgfortran-static-4.8.5-28.el7_5.1", "libgnat-4.8.5-28.el7_5.1", "libgnat-devel-4.8.5-28.el7_5.1", "libgnat-static-4.8.5-28.el7_5.1", "libgo-4.8.5-28.el7_5.1", "libgo-devel-4.8.5-28.el7_5.1", "libgo-static-4.8.5-28.el7_5.1", "libgomp-4.8.5-28.el7_5.1", "libitm-4.8.5-28.el7_5.1", "libitm-devel-4.8.5-28.el7_5.1", "libitm-static-4.8.5-28.el7_5.1", "libmudflap-4.8.5-28.el7_5.1", "libmudflap-devel-4.8.5-28.el7_5.1", "libmudflap-static-4.8.5-28.el7_5.1", "libobjc-4.8.5-28.el7_5.1", "libquadmath-4.8.5-28.el7_5.1", "libquadmath-devel-4.8.5-28.el7_5.1", "libquadmath-static-4.8.5-28.el7_5.1", "libstdc++-4.8.5-28.el7_5.1", "libstdc++-devel-4.8.5-28.el7_5.1", "libstdc++-docs-4.8.5-28.el7_5.1", "libstdc++-static-4.8.5-28.el7_5.1", "libtsan-4.8.5-28.el7_5.1", "libtsan-static-4.8.5-28.el7_5.1" ] }; pkg_list = pkgs[release]; foreach (pkg in pkg_list) if (rpm_check(release:"ZTE " + release, reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_NOTE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gcc"); }
NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0150.NASL description An update of {'gcc', 'nghttp2'} packages of Photon OS has been released. last seen 2019-02-21 modified 2019-02-07 plugin id 111276 published 2018-07-24 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111276 title Photon OS 1.0 : gcc / nghttp2 (PhotonOS-PHSA-2018-1.0-0150 (deprecated) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0150_GCC.NASL description An update of the gcc package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121849 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121849 title Photon OS 1.0: Gcc PHSA-2018-1.0-0150 NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-2526-1.NASL description This update for gcc48 fixes the following issues: Security issues fixed : - A new option -fstack-clash-protection is now offered, which mitigates the stack clash type of attacks. [bnc#1039513] Future maintenance releases of packages will be built with this option. - CVE-2017-11671: Fixed rdrand/rdseed code generation issue [bsc#1050947] Bugs fixed : - Enable LFS support in 32bit libgcov.a. [bsc#1044016] - Bump libffi version in libffi.pc to 3.0.11. - Fix libffi issue for armv7l. [bsc#988274] - Properly diagnose missing -fsanitize=address support on ppc64le. [bnc#1028744] - Backport patch for PR65612. [bnc#1022062] - Fixed DR#1288. [bnc#1011348] Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 103355 published 2017-09-20 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/103355 title SUSE SLED12 / SLES12 Security Update : gcc48 (SUSE-SU-2017:2526-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2018-0849.NASL description An update for gcc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix(es) : * gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics (CVE-2017-11671) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 109374 published 2018-04-27 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109374 title CentOS 7 : gcc (CESA-2018:0849) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1116.NASL description According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The gcc package contains the GNU Compiler Collection version 4.8.You last seen 2020-05-06 modified 2018-05-02 plugin id 109514 published 2018-05-02 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109514 title EulerOS 2.0 SP2 : gcc (EulerOS-SA-2018-1116) NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-1223.NASL description This update for gcc48 fixes the following issues : Security issues fixed : - A new option -fstack-clash-protection is now offered, which mitigates the stack clash type of attacks. [bnc#1039513] Future maintenance releases of packages will be built with this option. - CVE-2017-11671: Fixed rdrand/rdseed code generation issue [bsc#1050947] Bugs fixed : - Enable LFS support in 32bit libgcov.a. [bsc#1044016] - Bump libffi version in libffi.pc to 3.0.11. - Fix libffi issue for armv7l. [bsc#988274] - Properly diagnose missing -fsanitize=address support on ppc64le. [bnc#1028744] - Backport patch for PR65612. [bnc#1022062] - Fixed DR#1288. [bnc#1011348] This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-05 modified 2017-10-30 plugin id 104245 published 2017-10-30 reporter This script is Copyright (C) 2017-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/104245 title openSUSE Security Update : gcc48 (openSUSE-2017-1223) NASL family Scientific Linux Local Security Checks NASL id SL_20180410_GCC_ON_SL7_X.NASL description Security Fix(es) : - gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics (CVE-2017-11671) Additional Changes : last seen 2020-03-18 modified 2018-05-01 plugin id 109446 published 2018-05-01 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109446 title Scientific Linux Security Update : gcc on SL7.x x86_64 (20180410) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1331.NASL description According to the versions of the gcc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The gcc package contains the GNU Compiler Collection version 4.8.You last seen 2020-06-01 modified 2020-06-02 plugin id 118419 published 2018-10-26 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118419 title EulerOS Virtualization 2.5.0 : gcc (EulerOS-SA-2018-1331) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-0849.NASL description An update for gcc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix(es) : * gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics (CVE-2017-11671) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 108988 published 2018-04-11 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108988 title RHEL 7 : gcc (RHSA-2018:0849)
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
References
- http://openwall.com/lists/oss-security/2017/07/27/2
- http://openwall.com/lists/oss-security/2017/07/27/2
- http://www.securityfocus.com/bid/100018
- http://www.securityfocus.com/bid/100018
- https://access.redhat.com/errata/RHSA-2018:0849
- https://access.redhat.com/errata/RHSA-2018:0849
- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80180
- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80180
- https://gcc.gnu.org/ml/gcc-patches/2017-03/msg01349.html
- https://gcc.gnu.org/ml/gcc-patches/2017-03/msg01349.html