Gnu Gcc
14 CVEs affecting Gnu Gcc. Latest disclosed: 2023-09-13. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-12886 | High | 8.1 | 2019-05-22 | stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) gen… |
CVE-2021-37322 | High | 7.8 | 2021-11-18 | GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. |
CVE-2002-2439 | High | 7.8 | 2019-10-23 | Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts. |
CVE-2019-15847 | High | 7.5 | 2019-09-02 | The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus re… |
CVE-2021-3826 | Medium | 6.5 | 2022-09-01 | Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fau… |
CVE-2022-27943 | Medium | 5.5 | 2022-03-26 | libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. |
CVE-2021-46195 | Medium | 5.5 | 2022-01-14 | GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denia… |
CVE-2023-4039 | Medium | 4.8 | 2023-09-13 | **DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow… |
CVE-2017-11671 | Medium | 4.0 | 2017-07-26 | Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before… |
CVE-2015-5276 | | 2015-11-17 | The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, whi… | |
CVE-2008-1685 | | 2008-04-06 | gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the point… | |
CVE-2008-1367 | | 2008-03-17 | gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prev… | |
CVE-2006-1902 | | 2006-04-20 | fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding… | |
CVE-2000-1219 | | 2000-11-01 | The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnera… |