Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 13 results


CVE-2023-4039

Medium priority

Some fixes available 21 of 200

**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this...

65 affected packages

gcc-10, gcc-10-cross, gcc-10-cross-mipsen, gcc-10-cross-ports, gcc-11...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-10 Fixed Needs evaluation Needs evaluation Not in release Not in release
gcc-10-cross Fixed Needs evaluation Needs evaluation Not in release Not in release
gcc-10-cross-mipsen Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
gcc-10-cross-ports Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
gcc-11 Fixed Vulnerable Not in release Not in release Not in release
gcc-11-cross Fixed Vulnerable Not in release Not in release Not in release
gcc-11-cross-mipsen Needs evaluation Not in release Not in release Not in release Not in release
gcc-11-cross-ports Needs evaluation Needs evaluation Not in release Not in release Not in release
gcc-12 Fixed Vulnerable Not in release Not in release Not in release
gcc-12-cross Fixed Vulnerable Not in release Not in release Not in release
gcc-12-cross-mipsen Needs evaluation Not in release Not in release Not in release Not in release
gcc-12-cross-ports Needs evaluation Needs evaluation Not in release Not in release Not in release
gcc-13 Fixed Not in release Not in release Not in release Not in release
gcc-13-cross Not affected Not in release Not in release Not in release Not in release
gcc-13-cross-ports Fixed Not in release Not in release Not in release Not in release
gcc-3.3 Not affected Not affected Not affected Not affected Not affected
gcc-4.4 Not in release Not in release Not in release Not in release Not in release
gcc-4.6 Not in release Not in release Not in release Not in release Not in release
gcc-4.7 Not in release Not in release Not in release Not in release Ignored
gcc-4.7-armel-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.7-armhf-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8 Not in release Not in release Not in release Needs evaluation Ignored
gcc-4.8-arm64-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8-armhf-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8-powerpc-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8-ppc64el-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.9 Not in release Not in release Not in release Not in release Ignored
gcc-4.9-cross Not in release Not in release Not in release Ignored Needs evaluation
gcc-5 Not in release Not in release Not in release Needs evaluation Ignored
gcc-5-cross Not in release Not in release Not in release Needs evaluation Needs evaluation
gcc-5-cross-ports Not in release Not in release Not in release Needs evaluation Needs evaluation
gcc-6 Not in release Not in release Not in release Needs evaluation Not in release
gcc-6-cross Not in release Not in release Not in release Needs evaluation Not in release
gcc-6-cross-ports Not in release Not in release Not in release Needs evaluation Not in release
gcc-7 Not in release Not in release Needs evaluation Needs evaluation Not in release
gcc-7-cross Not in release Not in release Not in release Needs evaluation Not in release
gcc-7-cross-ports Not in release Not in release Not in release Needs evaluation Not in release
gcc-8 Not in release Not in release Needs evaluation Needs evaluation Not in release
gcc-8-cross Not in release Not in release Needs evaluation Needs evaluation Not in release
gcc-8-cross-ports Not in release Not in release Needs evaluation Needs evaluation Not in release
gcc-9 Fixed Needs evaluation Needs evaluation Not in release Not in release
gcc-9-cross Fixed Needs evaluation Needs evaluation Not in release Not in release
gcc-9-cross-mipsen Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
gcc-9-cross-ports Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
gcc-arm-linux-androideabi Not in release Not in release Not in release Not in release Needs evaluation
gcc-arm-none-eabi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-avr Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-defaults Not affected Not affected Not affected Not affected Not affected
gcc-defaults-arm64-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armel-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armhf-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-powerpc-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-ppc64el-cross Not in release Not in release Not in release Not in release Not in release
gcc-h8300-hms Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-i686-linux-android Not in release Not in release Not in release Not in release Needs evaluation
gcc-m68hc1x Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-mingw-w64 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-msp430 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-opt Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-or1k-elf Needs evaluation Needs evaluation Not in release Ignored Ignored
gcc-riscv64-unknown-elf Needs evaluation Needs evaluation Needs evaluation Ignored Ignored
gcc-snapshot Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-xtensa-lx106 Not in release Needs evaluation Needs evaluation Ignored Ignored
gccgo-4.9 Not in release Not in release Not in release Not in release Not in release
gccgo-6 Not in release Not in release Not in release Not in release Needs evaluation
Show all 65 packages Show less packages

CVE-2021-3826

Low priority
Vulnerable

Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.

51 affected packages

binutils, gcc-10, gcc-11, gcc-12, gcc-13...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
binutils Not affected Not affected Not affected Not affected Not affected
gcc-10 Not affected Not affected Not affected Not in release Not in release
gcc-11 Vulnerable Vulnerable Not in release Not in release Not in release
gcc-12 Not affected Not affected Not in release Ignored Ignored
gcc-13 Not affected Not in release Not in release Ignored Ignored
gcc-3.3 Not affected Not affected Not affected Not affected Not affected
gcc-4.4 Not in release Not in release Not in release Not in release Not in release
gcc-4.6 Not in release Not in release Not in release Not in release Not in release
gcc-4.7 Not in release Not in release Not in release Not in release Not affected
gcc-4.7-armel-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.7-armhf-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8 Not in release Not in release Not in release Not affected Not affected
gcc-4.8-arm64-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8-armhf-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8-powerpc-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8-ppc64el-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.9 Not in release Not in release Not in release Not in release Not affected
gcc-5 Not in release Not in release Not in release Not affected Not affected
gcc-5-cross Not in release Not in release Not in release Not affected Not affected
gcc-6 Not in release Not in release Not in release Not affected Not in release
gcc-6-cross Not in release Not in release Not in release Not affected Not in release
gcc-6-cross-ports Not in release Not in release Not in release Not affected Not in release
gcc-7 Not in release Not in release Not affected Not affected Not in release
gcc-7-cross Not in release Not in release Not in release Not affected Not in release
gcc-7-cross-ports Not in release Not in release Not in release Not affected Not in release
gcc-8 Not in release Not in release Not affected Not affected Not in release
gcc-8-cross Not in release Not in release Not affected Not affected Not in release
gcc-8-cross-ports Not in release Not in release Not affected Not affected Not in release
gcc-9 Not affected Not affected Not affected Not in release Not in release
gcc-9-cross Not affected Not affected Not affected Not in release Not in release
gcc-9-cross-ports Not affected Not affected Not affected Not in release Not in release
gcc-arm-linux-androideabi Not in release Not in release Not in release Not in release Not affected
gcc-arm-none-eabi Not affected Not affected Not affected Not affected Not affected
gcc-avr Not affected Not affected Not affected Not affected Not affected
gcc-defaults Not affected Not affected Not affected Not affected Not affected
gcc-defaults-arm64-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armel-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armhf-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-powerpc-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-ppc64el-cross Not in release Not in release Not in release Not in release Not in release
gcc-h8300-hms Not affected Not affected Not affected Not affected Not affected
gcc-i686-linux-android Not in release Not in release Not in release Not in release Not affected
gcc-m68hc1x Not in release Not affected Not affected Not affected Not affected
gcc-mingw-w64 Not affected Not affected Not affected Not affected Not affected
gcc-msp430 Not in release Not affected Not affected Not affected Not affected
gcc-opt Not affected Not affected Not affected Not affected Not affected
gcc-snapshot Not affected Not affected Not affected Not affected Not affected
gccgo-4.9 Not in release Not in release Not in release Not in release Not in release
gccgo-6 Not in release Not in release Not in release Not in release Not affected
gdb Not affected Not affected Not affected Needs evaluation Needs evaluation
libiberty Not affected Vulnerable Not affected Not affected Not affected
Show all 51 packages Show less packages

CVE-2022-27943

Low priority
Vulnerable

libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.

52 affected packages

binutils, crash, gcc-10, gcc-11, gcc-12...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
binutils Not affected Vulnerable Not affected Not affected Not affected
crash Not affected Not affected Not affected Not affected Not affected
gcc-10 Not affected Not affected Not affected Not in release Not in release
gcc-11 Vulnerable Vulnerable Not in release Not in release Not in release
gcc-12 Vulnerable Vulnerable Not in release Not in release Not in release
gcc-13 Not affected Not in release Not in release Not in release Not in release
gcc-3.3 Not affected Not affected Not affected Not affected Needs evaluation
gcc-4.4 Not in release Not in release Not in release Not in release Not in release
gcc-4.6 Not in release Not in release Not in release Not in release Not in release
gcc-4.7 Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.7-armel-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.7-armhf-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8 Not in release Not in release Not in release Not affected Not affected
gcc-4.8-arm64-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8-armhf-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8-powerpc-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8-ppc64el-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.9 Not in release Not in release Not in release Not in release Not affected
gcc-5 Not in release Not in release Not in release Not affected Not affected
gcc-5-cross Not in release Not in release Not in release Not affected Not affected
gcc-6 Not in release Not in release Not in release Not affected Not in release
gcc-6-cross Not in release Not in release Not in release Not affected Not in release
gcc-6-cross-ports Not in release Not in release Not in release Not affected Not in release
gcc-7 Not in release Not in release Not affected Not affected Not in release
gcc-7-cross Not in release Not in release Not in release Needs evaluation Not in release
gcc-7-cross-ports Not in release Not in release Not in release Needs evaluation Not in release
gcc-8 Not in release Not in release Not affected Not affected Not in release
gcc-8-cross Not in release Not in release Needs evaluation Needs evaluation Not in release
gcc-8-cross-ports Not in release Not in release Not affected Not affected Not in release
gcc-9 Not affected Not affected Not affected Not in release Not in release
gcc-9-cross Not affected Not affected Not affected Not in release Not in release
gcc-9-cross-ports Not affected Not affected Not affected Not in release Not in release
gcc-arm-linux-androideabi Not in release Not in release Not in release Not in release Needs evaluation
gcc-arm-none-eabi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-avr Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-defaults Not affected Not affected Not affected Not affected Not affected
gcc-defaults-arm64-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armel-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armhf-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-powerpc-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-ppc64el-cross Not in release Not in release Not in release Not in release Not in release
gcc-h8300-hms Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-i686-linux-android Not in release Not in release Not in release Not in release Needs evaluation
gcc-m68hc1x Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-mingw-w64 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-msp430 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-opt Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-snapshot Not affected Ignored Ignored Not affected Not affected
gccgo-4.9 Not in release Not in release Not in release Not in release Not in release
gccgo-6 Not in release Not in release Not in release Not in release Not affected
gdb Not affected Vulnerable Not affected Not affected Not affected
libiberty Not affected Vulnerable Not affected Not affected Not affected
Show all 52 packages Show less packages

CVE-2021-46195

Low priority
Vulnerable

GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.

48 affected packages

gcc-10, gcc-11, gcc-12, gcc-13, gcc-3.3...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-10 Not affected Not affected Not affected Not in release Not in release
gcc-11 Vulnerable Vulnerable Not in release Not in release Not in release
gcc-12 Not affected Not affected Not in release Ignored Ignored
gcc-13 Not affected Not in release Not in release Ignored Ignored
gcc-3.3 Not affected Not affected Not affected Not affected Not affected
gcc-4.4 Not in release Not in release Not in release Not in release Not in release
gcc-4.6 Not in release Not in release Not in release Not in release Not in release
gcc-4.7 Not in release Not in release Not in release Not in release Not affected
gcc-4.7-armel-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.7-armhf-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8 Not in release Not in release Not in release Not affected Not affected
gcc-4.8-arm64-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8-armhf-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8-powerpc-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8-ppc64el-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.9 Not in release Not in release Not in release Not in release Not affected
gcc-5 Not in release Not in release Not in release Not affected Not affected
gcc-5-cross Not in release Not in release Not in release Not affected Not affected
gcc-6 Not in release Not in release Not in release Not affected Not in release
gcc-6-cross Not in release Not in release Not in release Not affected Not in release
gcc-6-cross-ports Not in release Not in release Not in release Not affected Not in release
gcc-7 Not in release Not in release Not affected Not affected Not in release
gcc-7-cross Not in release Not in release Not in release Not affected Not in release
gcc-7-cross-ports Not in release Not in release Not in release Not affected Not in release
gcc-8 Not in release Not in release Not affected Not affected Not in release
gcc-8-cross Not in release Not in release Not affected Not affected Not in release
gcc-8-cross-ports Not in release Not in release Not affected Not affected Not in release
gcc-9 Not affected Not affected Not affected Not in release Not in release
gcc-9-cross Not affected Not affected Not affected Not in release Not in release
gcc-9-cross-ports Not affected Not affected Not affected Not in release Not in release
gcc-arm-linux-androideabi Not in release Not in release Not in release Not in release Not affected
gcc-arm-none-eabi Not affected Not affected Not affected Not affected Not affected
gcc-avr Not affected Not affected Not affected Not affected Not affected
gcc-defaults Not affected Not affected Not affected Not affected Not affected
gcc-defaults-arm64-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armel-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armhf-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-powerpc-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-ppc64el-cross Not in release Not in release Not in release Not in release Not in release
gcc-h8300-hms Not affected Not affected Not affected Not affected Not affected
gcc-i686-linux-android Not in release Not in release Not in release Not in release Not affected
gcc-m68hc1x Not in release Not affected Not affected Not affected Not affected
gcc-mingw-w64 Not affected Ignored Not affected Not affected Not affected
gcc-msp430 Not in release Not affected Not affected Not affected Not affected
gcc-opt Not affected Not affected Not affected Not affected Not affected
gcc-snapshot Not affected Not affected Not affected Not affected Not affected
gccgo-4.9 Not in release Not in release Not in release Not in release Not in release
gccgo-6 Not in release Not in release Not in release Not in release Not affected
Show all 48 packages Show less packages

CVE-2020-23026

Low priority
Ignored

A NULL pointer dereference in the main() function dhry_1.c of dhrystone 2.1 causes a denial of service (DoS).

45 affected packages

gcc-3.3, gcc-4.4, gcc-4.6, gcc-4.7, gcc-4.7-armel-cross...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-3.3 Ignored Ignored Ignored Ignored
gcc-4.4 Not in release Not in release Not in release Not in release
gcc-4.6 Not in release Not in release Not in release Not in release
gcc-4.7 Not in release Not in release Not in release Ignored
gcc-4.7-armel-cross Not in release Not in release Not in release Ignored
gcc-4.7-armhf-cross Not in release Not in release Not in release Ignored
gcc-4.8 Not in release Not in release Ignored Ignored
gcc-4.8-arm64-cross Not in release Not in release Not in release Ignored
gcc-4.8-armhf-cross Not in release Not in release Not in release Ignored
gcc-4.8-powerpc-cross Not in release Not in release Not in release Ignored
gcc-4.8-ppc64el-cross Not in release Not in release Not in release Ignored
gcc-4.9 Not in release Not in release Not in release Ignored
gcc-5 Not in release Not in release Ignored Ignored
gcc-5-cross Not in release Not in release Ignored Ignored
gcc-6 Not in release Not in release Ignored Not in release
gcc-6-cross Not in release Not in release Ignored Not in release
gcc-6-cross-ports Not in release Not in release Ignored Not in release
gcc-7 Not in release Ignored Ignored Not in release
gcc-7-cross Not in release Not in release Ignored Not in release
gcc-7-cross-ports Not in release Not in release Ignored Not in release
gcc-8 Not in release Ignored Ignored Not in release
gcc-8-cross Not in release Ignored Ignored Not in release
gcc-8-cross-ports Not in release Ignored Ignored Not in release
gcc-9 Ignored Ignored Not in release Not in release
gcc-9-cross Ignored Ignored Not in release Not in release
gcc-9-cross-ports Ignored Ignored Not in release Not in release
gcc-arm-linux-androideabi Not in release Not in release Not in release Ignored
gcc-arm-none-eabi Ignored Ignored Ignored Ignored
gcc-avr Ignored Ignored Ignored Ignored
gcc-defaults Ignored Ignored Ignored Ignored
gcc-defaults-arm64-cross Not in release Not in release Not in release Not in release
gcc-defaults-armel-cross Not in release Not in release Not in release Not in release
gcc-defaults-armhf-cross Not in release Not in release Not in release Not in release
gcc-defaults-powerpc-cross Not in release Not in release Not in release Not in release
gcc-defaults-ppc64el-cross Not in release Not in release Not in release Not in release
gcc-h8300-hms Ignored Ignored Ignored Ignored
gcc-i686-linux-android Not in release Not in release Not in release Ignored
gcc-m68hc1x Ignored Ignored Ignored Ignored
gcc-mingw-w64 Ignored Ignored Ignored Ignored
gcc-msp430 Ignored Ignored Ignored Ignored
gcc-opt Ignored Ignored Ignored Ignored
gcc-snapshot Ignored Ignored Ignored Ignored
gccgo-4.9 Not in release Not in release Not in release Not in release
gccgo-6 Not in release Not in release Not in release Ignored
u-boot Not affected Not affected Not affected Not affected
Show all 45 packages Show less packages

CVE-2020-13844

Medium priority

Some fixes available 3 of 199

Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka...

54 affected packages

gcc-10, gcc-3.3, gcc-4.4, gcc-4.6, gcc-4.7...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-10 Not affected Not affected Fixed Not in release Not in release
gcc-3.3 Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
gcc-4.4 Not in release Not in release Not in release Not in release Not in release
gcc-4.6 Not in release Not in release Not in release Not in release Not in release
gcc-4.7 Not in release Not in release Not in release Not in release Vulnerable
gcc-4.7-armel-cross Not in release Not in release Not in release Not in release Vulnerable
gcc-4.7-armhf-cross Not in release Not in release Not in release Not in release Vulnerable
gcc-4.8 Not in release Not in release Not in release Vulnerable Vulnerable
gcc-4.8-arm64-cross Not in release Not in release Not in release Not in release Vulnerable
gcc-4.8-armhf-cross Not in release Not in release Not in release Not in release Vulnerable
gcc-4.8-powerpc-cross Not in release Not in release Not in release Not in release Vulnerable
gcc-4.8-ppc64el-cross Not in release Not in release Not in release Not in release Vulnerable
gcc-4.9 Not in release Not in release Not in release Not in release Vulnerable
gcc-5 Not in release Not in release Not in release Not affected Not affected
gcc-5-cross Not in release Not in release Not in release Vulnerable Vulnerable
gcc-6 Not in release Not in release Not in release Vulnerable Not in release
gcc-6-cross Not in release Not in release Not in release Vulnerable Not in release
gcc-6-cross-ports Not in release Not in release Not in release Vulnerable Not in release
gcc-7 Not in release Not in release Vulnerable Vulnerable Not in release
gcc-7-cross Not in release Not in release Not in release Vulnerable Not in release
gcc-7-cross-ports Not in release Not in release Not in release Vulnerable Not in release
gcc-8 Not in release Not in release Vulnerable Vulnerable Not in release
gcc-8-cross Not in release Not in release Vulnerable Vulnerable Not in release
gcc-8-cross-ports Not in release Not in release Vulnerable Vulnerable Not in release
gcc-9 Not affected Not affected Fixed Not in release Not in release
gcc-9-cross Not affected Not affected Fixed Not in release Not in release
gcc-9-cross-ports Vulnerable Vulnerable Vulnerable Not in release Not in release
gcc-arm-linux-androideabi Not in release Not in release Not in release Not in release Vulnerable
gcc-arm-none-eabi Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
gcc-avr Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
gcc-defaults Not affected Not affected Not affected Not affected Not affected
gcc-defaults-arm64-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armel-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armhf-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-powerpc-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-ppc64el-cross Not in release Not in release Not in release Not in release Not in release
gcc-h8300-hms Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
gcc-i686-linux-android Not in release Not in release Not in release Not in release Vulnerable
gcc-m68hc1x Not in release Vulnerable Vulnerable Vulnerable Vulnerable
gcc-mingw-w64 Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
gcc-msp430 Not in release Vulnerable Vulnerable Vulnerable Vulnerable
gcc-opt Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
gcc-snapshot Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
gccgo-4.9 Not in release Not in release Not in release Not in release Not in release
gccgo-6 Not in release Not in release Not in release Not in release Not affected
llvm-toolchain-3.3 Not in release Not in release Not in release Not in release Not in release
llvm-toolchain-3.4 Not in release Not in release Not in release Not in release Not in release
llvm-toolchain-3.5 Not in release Not in release Not in release Not in release Vulnerable
llvm-toolchain-3.6 Not in release Not in release Not in release Not in release Vulnerable
llvm-toolchain-3.7 Not in release Not in release Not in release Vulnerable Vulnerable
llvm-toolchain-3.8 Not in release Not in release Not in release Not in release Vulnerable
llvm-toolchain-3.9 Not in release Not in release Not in release Vulnerable Vulnerable
llvm-toolchain-4.0 Not in release Not in release Not in release Vulnerable Vulnerable
llvm-toolchain-snapshot Not in release Not in release Not in release Not in release Not in release
Show all 54 packages Show less packages

CVE-2015-5741

Low priority
Needs evaluation

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length...

6 affected packages

gcc-5, gccgo-4.7, gccgo-4.8, gccgo-4.9, gccgo-5, golang

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-5 Not in release Not in release Not in release Needs evaluation Needs evaluation
gccgo-4.7 Not in release Not in release Not in release Not in release Not in release
gccgo-4.8 Not in release Not in release Not in release Not in release Not in release
gccgo-4.9 Not in release Not in release Not in release Not in release Not in release
gccgo-5 Not in release Not in release Not in release Not in release Not in release
golang Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-15847

Negligible priority

Some fixes available 4 of 68

The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This...

45 affected packages

gcc-10, gcc-3.3, gcc-4.4, gcc-4.6, gcc-4.7...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-10 Not affected Not affected Fixed Not in release Not in release
gcc-3.3 Not affected Not affected Not affected Not affected Not affected
gcc-4.4 Not in release Not in release Not in release Not in release Not in release
gcc-4.6 Not in release Not in release Not in release Not in release Not in release
gcc-4.7 Not in release Not in release Not in release Not in release Not affected
gcc-4.7-armel-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.7-armhf-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8 Not in release Not in release Not in release Not affected Not affected
gcc-4.8-arm64-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8-armhf-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8-powerpc-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8-ppc64el-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.9 Not in release Not in release Not in release Not in release Not affected
gcc-5 Not in release Not in release Not in release Not affected Not affected
gcc-5-cross Not in release Not in release Not in release Not affected Not affected
gcc-6 Not in release Not in release Not in release Needs evaluation Not in release
gcc-6-cross Not in release Not in release Not in release Needs evaluation Not in release
gcc-6-cross-ports Not in release Not in release Not in release Needs evaluation Not in release
gcc-7 Not in release Not in release Not affected Fixed Not in release
gcc-7-cross Not in release Not in release Not in release Needs evaluation Not in release
gcc-7-cross-ports Not in release Not in release Not in release Needs evaluation Not in release
gcc-8 Not in release Not in release Not affected Fixed Not in release
gcc-8-cross Not in release Not in release Needs evaluation Needs evaluation Not in release
gcc-8-cross-ports Not in release Not in release Needs evaluation Needs evaluation Not in release
gcc-9 Not affected Not affected Not affected Not in release Not in release
gcc-9-cross Not affected Not affected Not affected Not in release Not in release
gcc-9-cross-ports Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
gcc-arm-linux-androideabi Not in release Not in release Not in release Not in release Not affected
gcc-arm-none-eabi Not affected Not affected Not affected Not affected Not affected
gcc-avr Not affected Not affected Not affected Not affected Not affected
gcc-defaults Not affected Not affected Not affected Not affected Not affected
gcc-defaults-arm64-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armel-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armhf-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-powerpc-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-ppc64el-cross Not in release Not in release Not in release Not in release Not in release
gcc-h8300-hms Not affected Not affected Not affected Not affected Not affected
gcc-i686-linux-android Not in release Not in release Not in release Not in release Not affected
gcc-m68hc1x Not in release Not affected Not affected Not affected Not affected
gcc-mingw-w64 Not affected Not affected Not affected Not affected Not affected
gcc-msp430 Not in release Not affected Not affected Not affected Not affected
gcc-opt Not affected Not affected Not affected Not affected Not affected
gcc-snapshot Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gccgo-4.9 Not in release Not in release Not in release Not in release Not in release
gccgo-6 Not in release Not in release Not in release Not in release Not affected
Show all 45 packages Show less packages

CVE-2015-5740

Low priority
Needs evaluation

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers.

6 affected packages

gcc-5, gccgo-4.7, gccgo-4.8, gccgo-4.9, gccgo-5, golang

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-5 Not in release Not in release Not in release Needs evaluation Needs evaluation
gccgo-4.7 Not in release Not in release Not in release Not in release Not in release
gccgo-4.8 Not in release Not in release Not in release Not in release Not in release
gccgo-4.9 Not in release Not in release Not in release Not in release Not in release
gccgo-5 Not in release Not in release Not in release Not in release Not in release
golang Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2015-5739

Low priority
Needs evaluation

The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instead of a hyphen, as demonstrated...

6 affected packages

gcc-5, gccgo-4.7, gccgo-4.8, gccgo-4.9, gccgo-5, golang

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-5 Not in release Not in release Not in release Needs evaluation Needs evaluation
gccgo-4.7 Not in release Not in release Not in release Not in release Not in release
gccgo-4.8 Not in release Not in release Not in release Not in release Not in release
gccgo-4.9 Not in release Not in release Not in release Not in release Not in release
gccgo-5 Not in release Not in release Not in release Not in release Not in release
golang Not in release Not in release Not in release Not in release Not in release
Show less packages