DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables.
The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Gcc | Gnu | * | 2023-09-12 (excluding) |
| Gcc-10 | Ubuntu | lunar | * |
| Gcc-10 | Ubuntu | mantic | * |
| Gcc-10 | Ubuntu | noble | * |
| Gcc-10 | Ubuntu | upstream | * |
| Gcc-10-cross | Ubuntu | lunar | * |
| Gcc-10-cross | Ubuntu | mantic | * |
| Gcc-10-cross | Ubuntu | noble | * |
| Gcc-10-cross-mipsen | Ubuntu | lunar | * |
| Gcc-10-cross-mipsen | Ubuntu | mantic | * |
| Gcc-10-cross-ports | Ubuntu | lunar | * |
| Gcc-10-cross-ports | Ubuntu | mantic | * |
| Gcc-11 | Ubuntu | devel | * |
| Gcc-11 | Ubuntu | lunar | * |
| Gcc-11 | Ubuntu | mantic | * |
| Gcc-11 | Ubuntu | noble | * |
| Gcc-11 | Ubuntu | upstream | * |
| Gcc-11-cross | Ubuntu | devel | * |
| Gcc-11-cross | Ubuntu | lunar | * |
| Gcc-11-cross | Ubuntu | mantic | * |
| Gcc-11-cross | Ubuntu | noble | * |
| Gcc-11-cross-mipsen | Ubuntu | lunar | * |
| Gcc-11-cross-mipsen | Ubuntu | mantic | * |
| Gcc-11-cross-ports | Ubuntu | lunar | * |
| Gcc-11-cross-ports | Ubuntu | mantic | * |
| Gcc-12 | Ubuntu | devel | * |
| Gcc-12 | Ubuntu | lunar | * |
| Gcc-12 | Ubuntu | mantic | * |
| Gcc-12 | Ubuntu | noble | * |
| Gcc-12 | Ubuntu | upstream | * |
| Gcc-12-cross | Ubuntu | devel | * |
| Gcc-12-cross | Ubuntu | lunar | * |
| Gcc-12-cross | Ubuntu | mantic | * |
| Gcc-12-cross | Ubuntu | noble | * |
| Gcc-12-cross-mipsen | Ubuntu | lunar | * |
| Gcc-12-cross-mipsen | Ubuntu | mantic | * |
| Gcc-12-cross-ports | Ubuntu | lunar | * |
| Gcc-12-cross-ports | Ubuntu | mantic | * |
| Gcc-13 | Ubuntu | devel | * |
| Gcc-13 | Ubuntu | lunar | * |
| Gcc-13 | Ubuntu | mantic | * |
| Gcc-13 | Ubuntu | noble | * |
| Gcc-13 | Ubuntu | upstream | * |
| Gcc-13-cross | Ubuntu | lunar | * |
| Gcc-13-cross | Ubuntu | mantic | * |
| Gcc-13-cross-ports | Ubuntu | devel | * |
| Gcc-13-cross-ports | Ubuntu | lunar | * |
| Gcc-13-cross-ports | Ubuntu | mantic | * |
| Gcc-13-cross-ports | Ubuntu | noble | * |
| Gcc-4.4 | Ubuntu | trusty | * |
| Gcc-4.6 | Ubuntu | trusty | * |
| Gcc-4.7 | Ubuntu | esm-apps/xenial | * |
| Gcc-4.7 | Ubuntu | esm-infra-legacy/trusty | * |
| Gcc-4.7 | Ubuntu | trusty | * |
| Gcc-4.7 | Ubuntu | trusty/esm | * |
| Gcc-4.7 | Ubuntu | xenial | * |
| Gcc-4.7-armel-cross | Ubuntu | trusty | * |
| Gcc-4.7-armel-cross | Ubuntu | xenial | * |
| Gcc-4.7-armhf-cross | Ubuntu | trusty | * |
| Gcc-4.7-armhf-cross | Ubuntu | xenial | * |
| Gcc-4.8 | Ubuntu | bionic | * |
| Gcc-4.8 | Ubuntu | esm-apps/xenial | * |
| Gcc-4.8 | Ubuntu | esm-infra-legacy/trusty | * |
| Gcc-4.8 | Ubuntu | trusty | * |
| Gcc-4.8 | Ubuntu | trusty/esm | * |
| Gcc-4.8 | Ubuntu | xenial | * |
| Gcc-4.8-arm64-cross | Ubuntu | trusty | * |
| Gcc-4.8-arm64-cross | Ubuntu | xenial | * |
| Gcc-4.8-armhf-cross | Ubuntu | trusty | * |
| Gcc-4.8-armhf-cross | Ubuntu | xenial | * |
| Gcc-4.8-powerpc-cross | Ubuntu | trusty | * |
| Gcc-4.8-powerpc-cross | Ubuntu | xenial | * |
| Gcc-4.8-ppc64el-cross | Ubuntu | trusty | * |
| Gcc-4.8-ppc64el-cross | Ubuntu | xenial | * |
| Gcc-4.9 | Ubuntu | esm-apps/xenial | * |
| Gcc-4.9 | Ubuntu | xenial | * |
| Gcc-4.9-cross | Ubuntu | bionic | * |
| Gcc-4.9-cross | Ubuntu | xenial | * |
| Gcc-5 | Ubuntu | bionic | * |
| Gcc-5 | Ubuntu | esm-infra/xenial | * |
| Gcc-5 | Ubuntu | xenial | * |
| Gcc-5-cross | Ubuntu | bionic | * |
| Gcc-5-cross | Ubuntu | xenial | * |
| Gcc-5-cross-ports | Ubuntu | bionic | * |
| Gcc-5-cross-ports | Ubuntu | xenial | * |
| Gcc-6 | Ubuntu | bionic | * |
| Gcc-6-cross | Ubuntu | bionic | * |
| Gcc-6-cross-ports | Ubuntu | bionic | * |
| Gcc-7 | Ubuntu | bionic | * |
| Gcc-7-cross | Ubuntu | bionic | * |
| Gcc-7-cross-ports | Ubuntu | bionic | * |
| Gcc-8 | Ubuntu | bionic | * |
| Gcc-8-cross | Ubuntu | bionic | * |
| Gcc-8-cross-ports | Ubuntu | bionic | * |
| Gcc-9 | Ubuntu | lunar | * |
| Gcc-9 | Ubuntu | mantic | * |
| Gcc-9 | Ubuntu | noble | * |
| Gcc-9 | Ubuntu | upstream | * |
| Gcc-9-cross | Ubuntu | lunar | * |
| Gcc-9-cross | Ubuntu | mantic | * |
| Gcc-9-cross | Ubuntu | noble | * |
| Gcc-9-cross-mipsen | Ubuntu | lunar | * |
| Gcc-9-cross-mipsen | Ubuntu | mantic | * |
| Gcc-9-cross-ports | Ubuntu | lunar | * |
| Gcc-9-cross-ports | Ubuntu | mantic | * |
| Gcc-arm-linux-androideabi | Ubuntu | trusty | * |
| Gcc-arm-linux-androideabi | Ubuntu | xenial | * |
| Gcc-arm-none-eabi | Ubuntu | bionic | * |
| Gcc-arm-none-eabi | Ubuntu | lunar | * |
| Gcc-arm-none-eabi | Ubuntu | mantic | * |
| Gcc-arm-none-eabi | Ubuntu | trusty | * |
| Gcc-arm-none-eabi | Ubuntu | xenial | * |
| Gcc-avr | Ubuntu | bionic | * |
| Gcc-avr | Ubuntu | lunar | * |
| Gcc-avr | Ubuntu | mantic | * |
| Gcc-avr | Ubuntu | trusty | * |
| Gcc-avr | Ubuntu | xenial | * |
| Gcc-defaults | Ubuntu | bionic | * |
| Gcc-defaults | Ubuntu | lunar | * |
| Gcc-defaults | Ubuntu | mantic | * |
| Gcc-defaults | Ubuntu | trusty | * |
| Gcc-defaults | Ubuntu | xenial | * |
| Gcc-defaults-arm64-cross | Ubuntu | trusty | * |
| Gcc-defaults-armel-cross | Ubuntu | trusty | * |
| Gcc-defaults-armhf-cross | Ubuntu | trusty | * |
| Gcc-defaults-powerpc-cross | Ubuntu | trusty | * |
| Gcc-defaults-ppc64el-cross | Ubuntu | trusty | * |
| Gcc-h8300-hms | Ubuntu | bionic | * |
| Gcc-h8300-hms | Ubuntu | lunar | * |
| Gcc-h8300-hms | Ubuntu | mantic | * |
| Gcc-h8300-hms | Ubuntu | trusty | * |
| Gcc-h8300-hms | Ubuntu | xenial | * |
| Gcc-i686-linux-android | Ubuntu | trusty | * |
| Gcc-i686-linux-android | Ubuntu | xenial | * |
| Gcc-m68hc1x | Ubuntu | bionic | * |
| Gcc-m68hc1x | Ubuntu | trusty | * |
| Gcc-m68hc1x | Ubuntu | xenial | * |
| Gcc-mingw-w64 | Ubuntu | bionic | * |
| Gcc-mingw-w64 | Ubuntu | lunar | * |
| Gcc-mingw-w64 | Ubuntu | mantic | * |
| Gcc-mingw-w64 | Ubuntu | trusty | * |
| Gcc-mingw-w64 | Ubuntu | xenial | * |
| Gcc-msp430 | Ubuntu | bionic | * |
| Gcc-msp430 | Ubuntu | lunar | * |
| Gcc-msp430 | Ubuntu | mantic | * |
| Gcc-msp430 | Ubuntu | trusty | * |
| Gcc-msp430 | Ubuntu | xenial | * |
| Gcc-opt | Ubuntu | bionic | * |
| Gcc-opt | Ubuntu | lunar | * |
| Gcc-opt | Ubuntu | mantic | * |
| Gcc-opt | Ubuntu | trusty | * |
| Gcc-opt | Ubuntu | xenial | * |
| Gcc-or1k-elf | Ubuntu | bionic | * |
| Gcc-or1k-elf | Ubuntu | lunar | * |
| Gcc-or1k-elf | Ubuntu | mantic | * |
| Gcc-or1k-elf | Ubuntu | trusty | * |
| Gcc-or1k-elf | Ubuntu | xenial | * |
| Gcc-riscv64-unknown-elf | Ubuntu | bionic | * |
| Gcc-riscv64-unknown-elf | Ubuntu | lunar | * |
| Gcc-riscv64-unknown-elf | Ubuntu | mantic | * |
| Gcc-riscv64-unknown-elf | Ubuntu | trusty | * |
| Gcc-riscv64-unknown-elf | Ubuntu | xenial | * |
| Gcc-snapshot | Ubuntu | bionic | * |
| Gcc-snapshot | Ubuntu | lunar | * |
| Gcc-snapshot | Ubuntu | mantic | * |
| Gcc-snapshot | Ubuntu | trusty | * |
| Gcc-snapshot | Ubuntu | xenial | * |
| Gcc-xtensa-lx106 | Ubuntu | bionic | * |
| Gcc-xtensa-lx106 | Ubuntu | lunar | * |
| Gcc-xtensa-lx106 | Ubuntu | mantic | * |
| Gcc-xtensa-lx106 | Ubuntu | trusty | * |
| Gcc-xtensa-lx106 | Ubuntu | xenial | * |
| Gccgo-4.9 | Ubuntu | trusty | * |
| Gccgo-6 | Ubuntu | xenial | * |