vulnerability
Ubuntu: USN-7700-1 (CVE-2023-4039): GCC vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:N/C:P/I:P/A:N) | Sep 13, 2023 | Nov 19, 2024 | Aug 22, 2025 |
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
Sep 13, 2023
Added
Nov 19, 2024
Modified
Aug 22, 2025
Description
**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains
that target AArch64 allows an attacker to exploit an existing buffer
overflow in dynamically-sized local variables in your application
without this being detected. This stack-protector failure only applies
to C99-style dynamically-sized local variables or those created using
alloca(). The stack-protector operates as intended for statically-sized
local variables.
The default behavior when the stack-protector
detects an overflow is to terminate your application, resulting in
controlled loss of availability. An attacker who can exploit a buffer
overflow without triggering the stack-protector might be able to change
program flow control to cause an uncontrolled loss of availability or to
go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.
Solutions
ubuntu-pro-upgrade-cpp-10ubuntu-pro-upgrade-cpp-10-docubuntu-pro-upgrade-cpp-11ubuntu-pro-upgrade-cpp-11-docubuntu-pro-upgrade-cpp-12ubuntu-pro-upgrade-cpp-12-docubuntu-pro-upgrade-g-10ubuntu-pro-upgrade-g-10-multilibubuntu-pro-upgrade-g-11ubuntu-pro-upgrade-g-11-multilibubuntu-pro-upgrade-g-12ubuntu-pro-upgrade-g-12-multilibubuntu-pro-upgrade-gcc-10ubuntu-pro-upgrade-gcc-10-baseubuntu-pro-upgrade-gcc-10-docubuntu-pro-upgrade-gcc-10-hppa64-linux-gnuubuntu-pro-upgrade-gcc-10-localesubuntu-pro-upgrade-gcc-10-multilibubuntu-pro-upgrade-gcc-10-offload-amdgcnubuntu-pro-upgrade-gcc-10-offload-nvptxubuntu-pro-upgrade-gcc-10-plugin-devubuntu-pro-upgrade-gcc-10-sourceubuntu-pro-upgrade-gcc-10-test-resultsubuntu-pro-upgrade-gcc-11ubuntu-pro-upgrade-gcc-11-baseubuntu-pro-upgrade-gcc-11-docubuntu-pro-upgrade-gcc-11-hppa64-linux-gnuubuntu-pro-upgrade-gcc-11-localesubuntu-pro-upgrade-gcc-11-multilibubuntu-pro-upgrade-gcc-11-offload-amdgcnubuntu-pro-upgrade-gcc-11-offload-nvptxubuntu-pro-upgrade-gcc-11-plugin-devubuntu-pro-upgrade-gcc-11-sourceubuntu-pro-upgrade-gcc-11-test-resultsubuntu-pro-upgrade-gcc-12ubuntu-pro-upgrade-gcc-12-baseubuntu-pro-upgrade-gcc-12-docubuntu-pro-upgrade-gcc-12-hppa64-linux-gnuubuntu-pro-upgrade-gcc-12-localesubuntu-pro-upgrade-gcc-12-multilibubuntu-pro-upgrade-gcc-12-offload-amdgcnubuntu-pro-upgrade-gcc-12-offload-nvptxubuntu-pro-upgrade-gcc-12-plugin-devubuntu-pro-upgrade-gcc-12-sourceubuntu-pro-upgrade-gcc-12-test-resultsubuntu-pro-upgrade-gccbrig-10ubuntu-pro-upgrade-gccbrig-11ubuntu-pro-upgrade-gccgo-10ubuntu-pro-upgrade-gccgo-10-docubuntu-pro-upgrade-gccgo-10-multilibubuntu-pro-upgrade-gccgo-11ubuntu-pro-upgrade-gccgo-11-docubuntu-pro-upgrade-gccgo-11-multilibubuntu-pro-upgrade-gccgo-12ubuntu-pro-upgrade-gccgo-12-docubuntu-pro-upgrade-gccgo-12-multilibubuntu-pro-upgrade-gdc-10ubuntu-pro-upgrade-gdc-10-multilibubuntu-pro-upgrade-gdc-11ubuntu-pro-upgrade-gdc-11-multilibubuntu-pro-upgrade-gdc-12ubuntu-pro-upgrade-gdc-12-multilibubuntu-pro-upgrade-gfortran-10ubuntu-pro-upgrade-gfortran-10-docubuntu-pro-upgrade-gfortran-10-multilibubuntu-pro-upgrade-gfortran-11ubuntu-pro-upgrade-gfortran-11-docubuntu-pro-upgrade-gfortran-11-multilibubuntu-pro-upgrade-gfortran-12ubuntu-pro-upgrade-gfortran-12-docubuntu-pro-upgrade-gfortran-12-multilibubuntu-pro-upgrade-gm2-10ubuntu-pro-upgrade-gm2-11ubuntu-pro-upgrade-gm2-12ubuntu-pro-upgrade-gm2-12-docubuntu-pro-upgrade-gnat-10ubuntu-pro-upgrade-gnat-10-docubuntu-pro-upgrade-gnat-11ubuntu-pro-upgrade-gnat-11-docubuntu-pro-upgrade-gnat-12ubuntu-pro-upgrade-gnat-12-docubuntu-pro-upgrade-gobjc-10ubuntu-pro-upgrade-gobjc-10-multilibubuntu-pro-upgrade-gobjc-11ubuntu-pro-upgrade-gobjc-11-multilibubuntu-pro-upgrade-gobjc-12ubuntu-pro-upgrade-gobjc-12-multilibubuntu-pro-upgrade-lib32asan6ubuntu-pro-upgrade-lib32asan8ubuntu-pro-upgrade-lib32atomic1ubuntu-pro-upgrade-lib32gcc-10-devubuntu-pro-upgrade-lib32gcc-11-devubuntu-pro-upgrade-lib32gcc-12-devubuntu-pro-upgrade-lib32gcc-s1ubuntu-pro-upgrade-lib32gcc1ubuntu-pro-upgrade-lib32gfortran-10-devubuntu-pro-upgrade-lib32gfortran-11-devubuntu-pro-upgrade-lib32gfortran-12-devubuntu-pro-upgrade-lib32gfortran5ubuntu-pro-upgrade-lib32go-10-devubuntu-pro-upgrade-lib32go-11-devubuntu-pro-upgrade-lib32go-12-devubuntu-pro-upgrade-lib32go16ubuntu-pro-upgrade-lib32go19ubuntu-pro-upgrade-lib32go21ubuntu-pro-upgrade-lib32gomp1ubuntu-pro-upgrade-lib32gphobos-10-devubuntu-pro-upgrade-lib32gphobos-11-devubuntu-pro-upgrade-lib32gphobos-12-devubuntu-pro-upgrade-lib32gphobos1ubuntu-pro-upgrade-lib32gphobos2ubuntu-pro-upgrade-lib32gphobos3ubuntu-pro-upgrade-lib32itm1ubuntu-pro-upgrade-lib32lsan0ubuntu-pro-upgrade-lib32objc-10-devubuntu-pro-upgrade-lib32objc-11-devubuntu-pro-upgrade-lib32objc-12-devubuntu-pro-upgrade-lib32objc4ubuntu-pro-upgrade-lib32quadmath0ubuntu-pro-upgrade-lib32stdc-10-devubuntu-pro-upgrade-lib32stdc-11-devubuntu-pro-upgrade-lib32stdc-12-devubuntu-pro-upgrade-lib32stdc-6ubuntu-pro-upgrade-lib32ubsan1ubuntu-pro-upgrade-lib64asan6ubuntu-pro-upgrade-lib64asan8ubuntu-pro-upgrade-lib64atomic1ubuntu-pro-upgrade-lib64gcc-10-devubuntu-pro-upgrade-lib64gcc-11-devubuntu-pro-upgrade-lib64gcc-12-devubuntu-pro-upgrade-lib64gcc-s1ubuntu-pro-upgrade-lib64gcc1ubuntu-pro-upgrade-lib64gfortran-10-devubuntu-pro-upgrade-lib64gfortran-11-devubuntu-pro-upgrade-lib64gfortran-12-devubuntu-pro-upgrade-lib64gfortran5ubuntu-pro-upgrade-lib64go-10-devubuntu-pro-upgrade-lib64go-11-devubuntu-pro-upgrade-lib64go-12-devubuntu-pro-upgrade-lib64go16ubuntu-pro-upgrade-lib64go19ubuntu-pro-upgrade-lib64go21ubuntu-pro-upgrade-lib64gomp1ubuntu-pro-upgrade-lib64gphobos-10-devubuntu-pro-upgrade-lib64gphobos-11-devubuntu-pro-upgrade-lib64gphobos-12-devubuntu-pro-upgrade-lib64gphobos1ubuntu-pro-upgrade-lib64gphobos2ubuntu-pro-upgrade-lib64gphobos3ubuntu-pro-upgrade-lib64itm1ubuntu-pro-upgrade-lib64objc-10-devubuntu-pro-upgrade-lib64objc-11-devubuntu-pro-upgrade-lib64objc-12-devubuntu-pro-upgrade-lib64objc4ubuntu-pro-upgrade-lib64quadmath0ubuntu-pro-upgrade-lib64stdc-10-devubuntu-pro-upgrade-lib64stdc-11-devubuntu-pro-upgrade-lib64stdc-12-devubuntu-pro-upgrade-lib64stdc-6ubuntu-pro-upgrade-lib64ubsan1ubuntu-pro-upgrade-libasan6ubuntu-pro-upgrade-libasan8ubuntu-pro-upgrade-libatomic1ubuntu-pro-upgrade-libcc1-0ubuntu-pro-upgrade-libgcc-10-devubuntu-pro-upgrade-libgcc-11-devubuntu-pro-upgrade-libgcc-12-devubuntu-pro-upgrade-libgcc-s1ubuntu-pro-upgrade-libgcc1ubuntu-pro-upgrade-libgccjit-10-devubuntu-pro-upgrade-libgccjit-10-docubuntu-pro-upgrade-libgccjit-11-devubuntu-pro-upgrade-libgccjit-11-docubuntu-pro-upgrade-libgccjit-12-devubuntu-pro-upgrade-libgccjit-12-docubuntu-pro-upgrade-libgccjit0ubuntu-pro-upgrade-libgfortran-10-devubuntu-pro-upgrade-libgfortran-11-devubuntu-pro-upgrade-libgfortran-12-devubuntu-pro-upgrade-libgfortran5ubuntu-pro-upgrade-libgm2-10-devubuntu-pro-upgrade-libgm2-11-devubuntu-pro-upgrade-libgm2-12-devubuntu-pro-upgrade-libgm2-15ubuntu-pro-upgrade-libgm2-17ubuntu-pro-upgrade-libgnat-10ubuntu-pro-upgrade-libgnat-11ubuntu-pro-upgrade-libgnat-12ubuntu-pro-upgrade-libgnat-util10ubuntu-pro-upgrade-libgnat-util10-devubuntu-pro-upgrade-libgo-10-devubuntu-pro-upgrade-libgo-11-devubuntu-pro-upgrade-libgo-12-devubuntu-pro-upgrade-libgo16ubuntu-pro-upgrade-libgo19ubuntu-pro-upgrade-libgo21ubuntu-pro-upgrade-libgomp-plugin-amdgcn1ubuntu-pro-upgrade-libgomp-plugin-hsa1ubuntu-pro-upgrade-libgomp-plugin-nvptx1ubuntu-pro-upgrade-libgomp1ubuntu-pro-upgrade-libgphobos-10-devubuntu-pro-upgrade-libgphobos-11-devubuntu-pro-upgrade-libgphobos-12-devubuntu-pro-upgrade-libgphobos1ubuntu-pro-upgrade-libgphobos2ubuntu-pro-upgrade-libgphobos3ubuntu-pro-upgrade-libhsail-rt-10-devubuntu-pro-upgrade-libhsail-rt-11-devubuntu-pro-upgrade-libhsail-rt0ubuntu-pro-upgrade-libhwasan0ubuntu-pro-upgrade-libitm1ubuntu-pro-upgrade-liblsan0ubuntu-pro-upgrade-libobjc-10-devubuntu-pro-upgrade-libobjc-11-devubuntu-pro-upgrade-libobjc-12-devubuntu-pro-upgrade-libobjc4ubuntu-pro-upgrade-libquadmath0ubuntu-pro-upgrade-libsfasan6ubuntu-pro-upgrade-libsfatomic1ubuntu-pro-upgrade-libsfgcc-10-devubuntu-pro-upgrade-libsfgcc-s1ubuntu-pro-upgrade-libsfgcc1ubuntu-pro-upgrade-libsfgfortran-10-devubuntu-pro-upgrade-libsfgfortran5ubuntu-pro-upgrade-libsfgomp1ubuntu-pro-upgrade-libsfgphobos-10-devubuntu-pro-upgrade-libsfgphobos1ubuntu-pro-upgrade-libsfobjc-10-devubuntu-pro-upgrade-libsfobjc4ubuntu-pro-upgrade-libsfstdc-10-devubuntu-pro-upgrade-libsfstdc-6ubuntu-pro-upgrade-libsfubsan1ubuntu-pro-upgrade-libstdc-10-devubuntu-pro-upgrade-libstdc-10-docubuntu-pro-upgrade-libstdc-10-picubuntu-pro-upgrade-libstdc-11-devubuntu-pro-upgrade-libstdc-11-docubuntu-pro-upgrade-libstdc-11-picubuntu-pro-upgrade-libstdc-12-devubuntu-pro-upgrade-libstdc-12-docubuntu-pro-upgrade-libstdc-12-picubuntu-pro-upgrade-libstdc-6ubuntu-pro-upgrade-libtsan0ubuntu-pro-upgrade-libtsan2ubuntu-pro-upgrade-libubsan1ubuntu-pro-upgrade-libx32asan6ubuntu-pro-upgrade-libx32asan8ubuntu-pro-upgrade-libx32atomic1ubuntu-pro-upgrade-libx32gcc-10-devubuntu-pro-upgrade-libx32gcc-11-devubuntu-pro-upgrade-libx32gcc-12-devubuntu-pro-upgrade-libx32gcc-s1ubuntu-pro-upgrade-libx32gcc1ubuntu-pro-upgrade-libx32gfortran-10-devubuntu-pro-upgrade-libx32gfortran-11-devubuntu-pro-upgrade-libx32gfortran-12-devubuntu-pro-upgrade-libx32gfortran5ubuntu-pro-upgrade-libx32go-10-devubuntu-pro-upgrade-libx32go-11-devubuntu-pro-upgrade-libx32go-12-devubuntu-pro-upgrade-libx32go16ubuntu-pro-upgrade-libx32go19ubuntu-pro-upgrade-libx32go21ubuntu-pro-upgrade-libx32gomp1ubuntu-pro-upgrade-libx32gphobos-10-devubuntu-pro-upgrade-libx32gphobos-11-devubuntu-pro-upgrade-libx32gphobos-12-devubuntu-pro-upgrade-libx32gphobos1ubuntu-pro-upgrade-libx32gphobos2ubuntu-pro-upgrade-libx32gphobos3ubuntu-pro-upgrade-libx32itm1ubuntu-pro-upgrade-libx32lsan0ubuntu-pro-upgrade-libx32objc-10-devubuntu-pro-upgrade-libx32objc-11-devubuntu-pro-upgrade-libx32objc-12-devubuntu-pro-upgrade-libx32objc4ubuntu-pro-upgrade-libx32quadmath0ubuntu-pro-upgrade-libx32stdc-10-devubuntu-pro-upgrade-libx32stdc-11-devubuntu-pro-upgrade-libx32stdc-12-devubuntu-pro-upgrade-libx32stdc-6ubuntu-pro-upgrade-libx32ubsan1
References
- CVE-2023-4039
- https://attackerkb.com/topics/CVE-2023-4039
- CWE-693
- UBUNTU-USN-7700-1
- URL-https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64
- URL-https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf
- URL-https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html
- URL-https://www.cve.org/CVERecord?id=CVE-2023-4039
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.