vulnerability
Oracle Linux: CVE-2023-4039: ELSA-2023-12788: gcc security update (LOW) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 1 | (AV:N/AC:M/Au:N/C:N/I:N/A:N) | Sep 12, 2023 | Sep 13, 2023 | Dec 3, 2025 |
Severity
1
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:N)
Published
Sep 12, 2023
Added
Sep 13, 2023
Modified
Dec 3, 2025
Description
**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains
that target AArch64 allows an attacker to exploit an existing buffer
overflow in dynamically-sized local variables in your application
without this being detected. This stack-protector failure only applies
to C99-style dynamically-sized local variables or those created using
alloca(). The stack-protector operates as intended for statically-sized
local variables.
The default behavior when the stack-protector
detects an overflow is to terminate your application, resulting in
controlled loss of availability. An attacker who can exploit a buffer
overflow without triggering the stack-protector might be able to change
program flow control to cause an uncontrolled loss of availability or to
go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.
A vulnerability was found in GCC. The GCC's stack protection feature, enabled with the flag -fstack-protector, aims to detect buffer overflows in C/C++ function local variables that might allow an attacker to overwrite saved registers on the stack. If an attacker can modify saved register values, it may be possible for them to subvert program flow control. The feature operates by placing a canary value between local variables and saved registers on the stack on function entry and triggers an error handler on function exit if the canary value has been unexpectedly modified.
When targeting AArch64, this feature did not protect the saved registers from overflows in C99-style dynamically-sized local variables and alloca() objects. Other local variables, including statically-sized local arrays, are not affected because of their different placement on the stack relative to saved registers.
that target AArch64 allows an attacker to exploit an existing buffer
overflow in dynamically-sized local variables in your application
without this being detected. This stack-protector failure only applies
to C99-style dynamically-sized local variables or those created using
alloca(). The stack-protector operates as intended for statically-sized
local variables.
The default behavior when the stack-protector
detects an overflow is to terminate your application, resulting in
controlled loss of availability. An attacker who can exploit a buffer
overflow without triggering the stack-protector might be able to change
program flow control to cause an uncontrolled loss of availability or to
go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.
A vulnerability was found in GCC. The GCC's stack protection feature, enabled with the flag -fstack-protector, aims to detect buffer overflows in C/C++ function local variables that might allow an attacker to overwrite saved registers on the stack. If an attacker can modify saved register values, it may be possible for them to subvert program flow control. The feature operates by placing a canary value between local variables and saved registers on the stack on function entry and triggers an error handler on function exit if the canary value has been unexpectedly modified.
When targeting AArch64, this feature did not protect the saved registers from overflows in C99-style dynamically-sized local variables and alloca() objects. Other local variables, including statically-sized local arrays, are not affected because of their different placement on the stack relative to saved registers.
Solutions
oracle-linux-upgrade-cpporacle-linux-upgrade-cross-gcc-commonoracle-linux-upgrade-gccoracle-linux-upgrade-gcc-aarch64-linux-gnuoracle-linux-upgrade-gcc-alpha-linux-gnuoracle-linux-upgrade-gcc-arc-linux-gnuoracle-linux-upgrade-gcc-arm-linux-gnuoracle-linux-upgrade-gcc-avr32-linux-gnuoracle-linux-upgrade-gcc-bfin-linux-gnuoracle-linux-upgrade-gcc-bpf-unknown-noneoracle-linux-upgrade-gcc-coracle-linux-upgrade-gcc-c6x-linux-gnuoracle-linux-upgrade-gcc-c-aarch64-linux-gnuoracle-linux-upgrade-gcc-c-alpha-linux-gnuoracle-linux-upgrade-gcc-c-arc-linux-gnuoracle-linux-upgrade-gcc-c-arm-linux-gnuoracle-linux-upgrade-gcc-c-avr32-linux-gnuoracle-linux-upgrade-gcc-c-bfin-linux-gnuoracle-linux-upgrade-gcc-c-bpf-unknown-noneoracle-linux-upgrade-gcc-c-c6x-linux-gnuoracle-linux-upgrade-gcc-c-frv-linux-gnuoracle-linux-upgrade-gcc-c-h8300-linux-gnuoracle-linux-upgrade-gcc-c-hppa64-linux-gnuoracle-linux-upgrade-gcc-c-hppa-linux-gnuoracle-linux-upgrade-gcc-c-ia64-linux-gnuoracle-linux-upgrade-gcc-c-m68k-linux-gnuoracle-linux-upgrade-gcc-c-microblaze-linux-gnuoracle-linux-upgrade-gcc-c-mips64-linux-gnuoracle-linux-upgrade-gcc-c-mn10300-linux-gnuoracle-linux-upgrade-gcc-c-nios2-linux-gnuoracle-linux-upgrade-gcc-c-openrisc-linux-gnuoracle-linux-upgrade-gcc-c-powerpc64le-linux-gnuoracle-linux-upgrade-gcc-c-powerpc64-linux-gnuoracle-linux-upgrade-gcc-c-ppc64le-linux-gnuoracle-linux-upgrade-gcc-c-ppc64-linux-gnuoracle-linux-upgrade-gcc-c-riscv64-linux-gnuoracle-linux-upgrade-gcc-c-s390x-linux-gnuoracle-linux-upgrade-gcc-c-sparc64-linux-gnuoracle-linux-upgrade-gcc-c-tile-linux-gnuoracle-linux-upgrade-gcc-c-x86-64-linux-gnuoracle-linux-upgrade-gcc-c-xtensa-linux-gnuoracle-linux-upgrade-gcc-frv-linux-gnuoracle-linux-upgrade-gcc-gdb-pluginoracle-linux-upgrade-gcc-gfortranoracle-linux-upgrade-gcc-h8300-linux-gnuoracle-linux-upgrade-gcc-hppa64-linux-gnuoracle-linux-upgrade-gcc-hppa-linux-gnuoracle-linux-upgrade-gcc-ia64-linux-gnuoracle-linux-upgrade-gcc-m68k-linux-gnuoracle-linux-upgrade-gcc-microblaze-linux-gnuoracle-linux-upgrade-gcc-mips64-linux-gnuoracle-linux-upgrade-gcc-mn10300-linux-gnuoracle-linux-upgrade-gcc-nios2-linux-gnuoracle-linux-upgrade-gcc-offload-nvptxoracle-linux-upgrade-gcc-openrisc-linux-gnuoracle-linux-upgrade-gcc-plugin-annobinoracle-linux-upgrade-gcc-plugin-develoracle-linux-upgrade-gcc-powerpc64le-linux-gnuoracle-linux-upgrade-gcc-powerpc64-linux-gnuoracle-linux-upgrade-gcc-ppc64le-linux-gnuoracle-linux-upgrade-gcc-ppc64-linux-gnuoracle-linux-upgrade-gcc-riscv64-linux-gnuoracle-linux-upgrade-gcc-s390x-linux-gnuoracle-linux-upgrade-gcc-sparc64-linux-gnuoracle-linux-upgrade-gcc-tile-linux-gnuoracle-linux-upgrade-gcc-toolset-11-gccoracle-linux-upgrade-gcc-toolset-11-gcc-coracle-linux-upgrade-gcc-toolset-11-gcc-gdb-pluginoracle-linux-upgrade-gcc-toolset-11-gcc-gfortranoracle-linux-upgrade-gcc-toolset-11-gcc-plugin-develoracle-linux-upgrade-gcc-toolset-11-libasan-develoracle-linux-upgrade-gcc-toolset-11-libatomic-develoracle-linux-upgrade-gcc-toolset-11-libgccjitoracle-linux-upgrade-gcc-toolset-11-libgccjit-develoracle-linux-upgrade-gcc-toolset-11-libgccjit-docsoracle-linux-upgrade-gcc-toolset-11-libitm-develoracle-linux-upgrade-gcc-toolset-11-liblsan-develoracle-linux-upgrade-gcc-toolset-11-libquadmath-develoracle-linux-upgrade-gcc-toolset-11-libstdc-develoracle-linux-upgrade-gcc-toolset-11-libstdc-docsoracle-linux-upgrade-gcc-toolset-11-libtsan-develoracle-linux-upgrade-gcc-toolset-11-libubsan-develoracle-linux-upgrade-gcc-toolset-12-gccoracle-linux-upgrade-gcc-toolset-12-gcc-coracle-linux-upgrade-gcc-toolset-12-gcc-gfortranoracle-linux-upgrade-gcc-toolset-12-gcc-plugin-annobinoracle-linux-upgrade-gcc-toolset-12-gcc-plugin-develoracle-linux-upgrade-gcc-toolset-12-libasan-develoracle-linux-upgrade-gcc-toolset-12-libatomic-develoracle-linux-upgrade-gcc-toolset-12-libgccjitoracle-linux-upgrade-gcc-toolset-12-libgccjit-develoracle-linux-upgrade-gcc-toolset-12-libgccjit-docsoracle-linux-upgrade-gcc-toolset-12-libitm-develoracle-linux-upgrade-gcc-toolset-12-liblsan-develoracle-linux-upgrade-gcc-toolset-12-libquadmath-develoracle-linux-upgrade-gcc-toolset-12-libstdc-develoracle-linux-upgrade-gcc-toolset-12-libstdc-docsoracle-linux-upgrade-gcc-toolset-12-libtsan-develoracle-linux-upgrade-gcc-toolset-12-libubsan-develoracle-linux-upgrade-gcc-toolset-12-offload-nvptxoracle-linux-upgrade-gcc-x86-64-linux-gnuoracle-linux-upgrade-gcc-xtensa-linux-gnuoracle-linux-upgrade-libasanoracle-linux-upgrade-libasan6oracle-linux-upgrade-libasan8oracle-linux-upgrade-libatomicoracle-linux-upgrade-libatomic-staticoracle-linux-upgrade-libgccoracle-linux-upgrade-libgccjitoracle-linux-upgrade-libgccjit-develoracle-linux-upgrade-libgfortranoracle-linux-upgrade-libgomporacle-linux-upgrade-libgomp-offload-nvptxoracle-linux-upgrade-libitmoracle-linux-upgrade-libitm-develoracle-linux-upgrade-liblsanoracle-linux-upgrade-libquadmathoracle-linux-upgrade-libquadmath-develoracle-linux-upgrade-libstdcoracle-linux-upgrade-libstdc-develoracle-linux-upgrade-libstdc-docsoracle-linux-upgrade-libstdc-staticoracle-linux-upgrade-libtsanoracle-linux-upgrade-libtsan2oracle-linux-upgrade-libubsan
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.