Search CVE reports
1 – 10 of 13 results
CVE-2023-4039
Medium prioritySome fixes available 21 of 200
**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this...
65 affected packages
gcc-10, gcc-10-cross, gcc-10-cross-mipsen, gcc-10-cross-ports, gcc-11...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-10 | Fixed | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-10-cross | Fixed | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-10-cross-mipsen | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-10-cross-ports | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-11 | Fixed | Vulnerable | Not in release | Not in release | Not in release |
gcc-11-cross | Fixed | Vulnerable | Not in release | Not in release | Not in release |
gcc-11-cross-mipsen | Needs evaluation | Not in release | Not in release | Not in release | Not in release |
gcc-11-cross-ports | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
gcc-12 | Fixed | Vulnerable | Not in release | Not in release | Not in release |
gcc-12-cross | Fixed | Vulnerable | Not in release | Not in release | Not in release |
gcc-12-cross-mipsen | Needs evaluation | Not in release | Not in release | Not in release | Not in release |
gcc-12-cross-ports | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
gcc-13 | Fixed | Not in release | Not in release | Not in release | Not in release |
gcc-13-cross | Not affected | Not in release | Not in release | Not in release | Not in release |
gcc-13-cross-ports | Fixed | Not in release | Not in release | Not in release | Not in release |
gcc-3.3 | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-4.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.7 | Not in release | Not in release | Not in release | Not in release | Ignored |
gcc-4.7-armel-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.7-armhf-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8 | Not in release | Not in release | Not in release | Needs evaluation | Ignored |
gcc-4.8-arm64-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8-armhf-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.9 | Not in release | Not in release | Not in release | Not in release | Ignored |
gcc-4.9-cross | Not in release | Not in release | Not in release | Ignored | Needs evaluation |
gcc-5 | Not in release | Not in release | Not in release | Needs evaluation | Ignored |
gcc-5-cross | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
gcc-5-cross-ports | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
gcc-6 | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-6-cross | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-6-cross-ports | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-7 | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
gcc-7-cross | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-7-cross-ports | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-8 | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
gcc-8-cross | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
gcc-8-cross-ports | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
gcc-9 | Fixed | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-9-cross | Fixed | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-9-cross-mipsen | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-9-cross-ports | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-arm-linux-androideabi | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-arm-none-eabi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-avr | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-defaults | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armel-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-h8300-hms | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-i686-linux-android | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-m68hc1x | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-mingw-w64 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-msp430 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-opt | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-or1k-elf | Needs evaluation | Needs evaluation | Not in release | Ignored | Ignored |
gcc-riscv64-unknown-elf | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
gcc-snapshot | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-xtensa-lx106 | Not in release | Needs evaluation | Needs evaluation | Ignored | Ignored |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-6 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
CVE-2021-3826
Low priorityHeap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.
51 affected packages
binutils, gcc-10, gcc-11, gcc-12, gcc-13...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
binutils | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-10 | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-11 | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
gcc-12 | Not affected | Not affected | Not in release | Ignored | Ignored |
gcc-13 | Not affected | Not in release | Not in release | Ignored | Ignored |
gcc-3.3 | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-4.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.7 | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.7-armel-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.7-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-4.8-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.9 | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-5 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-5-cross | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-6 | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-6-cross | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-6-cross-ports | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-7 | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-7-cross | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-7-cross-ports | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-8 | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-8-cross | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-8-cross-ports | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-9 | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-9-cross | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-9-cross-ports | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-arm-linux-androideabi | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-arm-none-eabi | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-avr | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armel-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-h8300-hms | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-i686-linux-android | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-m68hc1x | Not in release | Not affected | Not affected | Not affected | Not affected |
gcc-mingw-w64 | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-msp430 | Not in release | Not affected | Not affected | Not affected | Not affected |
gcc-opt | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-snapshot | Not affected | Not affected | Not affected | Not affected | Not affected |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-6 | Not in release | Not in release | Not in release | Not in release | Not affected |
gdb | Not affected | Not affected | Not affected | Needs evaluation | Needs evaluation |
libiberty | Not affected | Vulnerable | Not affected | Not affected | Not affected |
CVE-2022-27943
Low prioritylibiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
52 affected packages
binutils, crash, gcc-10, gcc-11, gcc-12...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
binutils | Not affected | Vulnerable | Not affected | Not affected | Not affected |
crash | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-10 | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-11 | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
gcc-12 | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
gcc-13 | Not affected | Not in release | Not in release | Not in release | Not in release |
gcc-3.3 | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
gcc-4.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.7 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.7-armel-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.7-armhf-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-4.8-arm64-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8-armhf-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.9 | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-5 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-5-cross | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-6 | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-6-cross | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-6-cross-ports | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-7 | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-7-cross | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-7-cross-ports | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-8 | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-8-cross | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
gcc-8-cross-ports | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-9 | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-9-cross | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-9-cross-ports | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-arm-linux-androideabi | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-arm-none-eabi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-avr | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-defaults | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armel-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-h8300-hms | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-i686-linux-android | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-m68hc1x | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-mingw-w64 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-msp430 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-opt | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-snapshot | Not affected | Ignored | Ignored | Not affected | Not affected |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-6 | Not in release | Not in release | Not in release | Not in release | Not affected |
gdb | Not affected | Vulnerable | Not affected | Not affected | Not affected |
libiberty | Not affected | Vulnerable | Not affected | Not affected | Not affected |
CVE-2021-46195
Low priorityGCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.
48 affected packages
gcc-10, gcc-11, gcc-12, gcc-13, gcc-3.3...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-10 | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-11 | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
gcc-12 | Not affected | Not affected | Not in release | Ignored | Ignored |
gcc-13 | Not affected | Not in release | Not in release | Ignored | Ignored |
gcc-3.3 | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-4.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.7 | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.7-armel-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.7-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-4.8-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.9 | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-5 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-5-cross | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-6 | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-6-cross | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-6-cross-ports | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-7 | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-7-cross | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-7-cross-ports | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-8 | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-8-cross | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-8-cross-ports | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-9 | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-9-cross | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-9-cross-ports | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-arm-linux-androideabi | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-arm-none-eabi | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-avr | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armel-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-h8300-hms | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-i686-linux-android | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-m68hc1x | Not in release | Not affected | Not affected | Not affected | Not affected |
gcc-mingw-w64 | Not affected | Ignored | Not affected | Not affected | Not affected |
gcc-msp430 | Not in release | Not affected | Not affected | Not affected | Not affected |
gcc-opt | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-snapshot | Not affected | Not affected | Not affected | Not affected | Not affected |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-6 | Not in release | Not in release | Not in release | Not in release | Not affected |
CVE-2020-23026
Low priorityA NULL pointer dereference in the main() function dhry_1.c of dhrystone 2.1 causes a denial of service (DoS).
45 affected packages
gcc-3.3, gcc-4.4, gcc-4.6, gcc-4.7, gcc-4.7-armel-cross...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-3.3 | — | Ignored | Ignored | Ignored | Ignored |
gcc-4.4 | — | Not in release | Not in release | Not in release | Not in release |
gcc-4.6 | — | Not in release | Not in release | Not in release | Not in release |
gcc-4.7 | — | Not in release | Not in release | Not in release | Ignored |
gcc-4.7-armel-cross | — | Not in release | Not in release | Not in release | Ignored |
gcc-4.7-armhf-cross | — | Not in release | Not in release | Not in release | Ignored |
gcc-4.8 | — | Not in release | Not in release | Ignored | Ignored |
gcc-4.8-arm64-cross | — | Not in release | Not in release | Not in release | Ignored |
gcc-4.8-armhf-cross | — | Not in release | Not in release | Not in release | Ignored |
gcc-4.8-powerpc-cross | — | Not in release | Not in release | Not in release | Ignored |
gcc-4.8-ppc64el-cross | — | Not in release | Not in release | Not in release | Ignored |
gcc-4.9 | — | Not in release | Not in release | Not in release | Ignored |
gcc-5 | — | Not in release | Not in release | Ignored | Ignored |
gcc-5-cross | — | Not in release | Not in release | Ignored | Ignored |
gcc-6 | — | Not in release | Not in release | Ignored | Not in release |
gcc-6-cross | — | Not in release | Not in release | Ignored | Not in release |
gcc-6-cross-ports | — | Not in release | Not in release | Ignored | Not in release |
gcc-7 | — | Not in release | Ignored | Ignored | Not in release |
gcc-7-cross | — | Not in release | Not in release | Ignored | Not in release |
gcc-7-cross-ports | — | Not in release | Not in release | Ignored | Not in release |
gcc-8 | — | Not in release | Ignored | Ignored | Not in release |
gcc-8-cross | — | Not in release | Ignored | Ignored | Not in release |
gcc-8-cross-ports | — | Not in release | Ignored | Ignored | Not in release |
gcc-9 | — | Ignored | Ignored | Not in release | Not in release |
gcc-9-cross | — | Ignored | Ignored | Not in release | Not in release |
gcc-9-cross-ports | — | Ignored | Ignored | Not in release | Not in release |
gcc-arm-linux-androideabi | — | Not in release | Not in release | Not in release | Ignored |
gcc-arm-none-eabi | — | Ignored | Ignored | Ignored | Ignored |
gcc-avr | — | Ignored | Ignored | Ignored | Ignored |
gcc-defaults | — | Ignored | Ignored | Ignored | Ignored |
gcc-defaults-arm64-cross | — | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armel-cross | — | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armhf-cross | — | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-powerpc-cross | — | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-ppc64el-cross | — | Not in release | Not in release | Not in release | Not in release |
gcc-h8300-hms | — | Ignored | Ignored | Ignored | Ignored |
gcc-i686-linux-android | — | Not in release | Not in release | Not in release | Ignored |
gcc-m68hc1x | — | Ignored | Ignored | Ignored | Ignored |
gcc-mingw-w64 | — | Ignored | Ignored | Ignored | Ignored |
gcc-msp430 | — | Ignored | Ignored | Ignored | Ignored |
gcc-opt | — | Ignored | Ignored | Ignored | Ignored |
gcc-snapshot | — | Ignored | Ignored | Ignored | Ignored |
gccgo-4.9 | — | Not in release | Not in release | Not in release | Not in release |
gccgo-6 | — | Not in release | Not in release | Not in release | Ignored |
u-boot | — | Not affected | Not affected | Not affected | Not affected |
CVE-2020-13844
Medium prioritySome fixes available 3 of 199
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka...
54 affected packages
gcc-10, gcc-3.3, gcc-4.4, gcc-4.6, gcc-4.7...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-10 | Not affected | Not affected | Fixed | Not in release | Not in release |
gcc-3.3 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-4.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.7 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.7-armel-cross | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.7-armhf-cross | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.8 | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
gcc-4.8-arm64-cross | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.8-armhf-cross | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.8-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.8-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-4.9 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-5 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-5-cross | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
gcc-6 | Not in release | Not in release | Not in release | Vulnerable | Not in release |
gcc-6-cross | Not in release | Not in release | Not in release | Vulnerable | Not in release |
gcc-6-cross-ports | Not in release | Not in release | Not in release | Vulnerable | Not in release |
gcc-7 | Not in release | Not in release | Vulnerable | Vulnerable | Not in release |
gcc-7-cross | Not in release | Not in release | Not in release | Vulnerable | Not in release |
gcc-7-cross-ports | Not in release | Not in release | Not in release | Vulnerable | Not in release |
gcc-8 | Not in release | Not in release | Vulnerable | Vulnerable | Not in release |
gcc-8-cross | Not in release | Not in release | Vulnerable | Vulnerable | Not in release |
gcc-8-cross-ports | Not in release | Not in release | Vulnerable | Vulnerable | Not in release |
gcc-9 | Not affected | Not affected | Fixed | Not in release | Not in release |
gcc-9-cross | Not affected | Not affected | Fixed | Not in release | Not in release |
gcc-9-cross-ports | Vulnerable | Vulnerable | Vulnerable | Not in release | Not in release |
gcc-arm-linux-androideabi | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-arm-none-eabi | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-avr | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-defaults | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armel-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-h8300-hms | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-i686-linux-android | Not in release | Not in release | Not in release | Not in release | Vulnerable |
gcc-m68hc1x | Not in release | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-mingw-w64 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-msp430 | Not in release | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-opt | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gcc-snapshot | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-6 | Not in release | Not in release | Not in release | Not in release | Not affected |
llvm-toolchain-3.3 | Not in release | Not in release | Not in release | Not in release | Not in release |
llvm-toolchain-3.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
llvm-toolchain-3.5 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
llvm-toolchain-3.6 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
llvm-toolchain-3.7 | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
llvm-toolchain-3.8 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
llvm-toolchain-3.9 | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
llvm-toolchain-4.0 | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
llvm-toolchain-snapshot | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2015-5741
Low priorityThe net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length...
6 affected packages
gcc-5, gccgo-4.7, gccgo-4.8, gccgo-4.9, gccgo-5, golang
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-5 | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
gccgo-4.7 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-4.8 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-5 | Not in release | Not in release | Not in release | Not in release | Not in release |
golang | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2019-15847
Negligible prioritySome fixes available 4 of 68
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This...
45 affected packages
gcc-10, gcc-3.3, gcc-4.4, gcc-4.6, gcc-4.7...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-10 | Not affected | Not affected | Fixed | Not in release | Not in release |
gcc-3.3 | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-4.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.7 | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.7-armel-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.7-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-4.8-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.9 | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-5 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-5-cross | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-6 | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-6-cross | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-6-cross-ports | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-7 | Not in release | Not in release | Not affected | Fixed | Not in release |
gcc-7-cross | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-7-cross-ports | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-8 | Not in release | Not in release | Not affected | Fixed | Not in release |
gcc-8-cross | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
gcc-8-cross-ports | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
gcc-9 | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-9-cross | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-9-cross-ports | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-arm-linux-androideabi | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-arm-none-eabi | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-avr | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armel-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-h8300-hms | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-i686-linux-android | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-m68hc1x | Not in release | Not affected | Not affected | Not affected | Not affected |
gcc-mingw-w64 | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-msp430 | Not in release | Not affected | Not affected | Not affected | Not affected |
gcc-opt | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-snapshot | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-6 | Not in release | Not in release | Not in release | Not in release | Not affected |
CVE-2015-5740
Low priorityThe net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers.
6 affected packages
gcc-5, gccgo-4.7, gccgo-4.8, gccgo-4.9, gccgo-5, golang
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-5 | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
gccgo-4.7 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-4.8 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-5 | Not in release | Not in release | Not in release | Not in release | Not in release |
golang | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2015-5739
Low priorityThe net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instead of a hyphen, as demonstrated...
6 affected packages
gcc-5, gccgo-4.7, gccgo-4.8, gccgo-4.9, gccgo-5, golang
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-5 | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
gccgo-4.7 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-4.8 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-5 | Not in release | Not in release | Not in release | Not in release | Not in release |
golang | Not in release | Not in release | Not in release | Not in release | Not in release |