Security update for gcc7 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2023:3662-1 Final 1 1 2023-09-18T19:48:26Z current 2023-09-18T19:48:26Z 2023-09-18T19:48:26Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for gcc7 This update for gcc7 fixes the following issues: Security issues fixed: - CVE-2023-4039: Fixed incorrect stack protector for C99 VLAs on Aarch64 (bsc#1214052). - CVE-2019-15847: Fixed POWER9 DARN miscompilation. (bsc#1149145) - CVE-2019-14250: Includes fix for LTO linker plugin heap overflow. (bsc#1142649) Update to GCC 7.5.0 release. Other changes: - Fixed KASAN kernel compile. (bsc#1205145) - Fixed ICE with C++17 code. (bsc#1204505) - Fixed altivec.h redefining bool in C++ which makes bool unusable (bsc#1195517): - Adjust gnats idea of the target, fixing the build of gprbuild. [bsc#1196861] - Do not handle exceptions in std::thread (jsc#CAR-1182) - add -fpatchable-function-entry feature to gcc-7. - Fixed glibc namespace violation with getauxval. (bsc#1167939) - Backport aarch64 Straight Line Speculation mitigation [bsc#1172798, CVE-2020-13844] - Enable fortran for the nvptx offload compiler. - Update README.First-for.SuSE.packagers - Avoid assembler errors with AVX512 gather and scatter instructions when using -masm=intel. - Backport the aarch64 -moutline-atomics feature and accumulated fixes but not its default enabling. (jsc#SLE-12209, bsc#1167939) - Fixed memcpy miscompilation on aarch64. (bsc#1178624, bsc#1178577) - Fixed debug line info for try/catch. (bsc#1178614) - Fixed corruption of pass private ->aux via DF. (gcc#94148) - Fixed debug information issue with inlined functions and passed by reference arguments. [gcc#93888] - Fixed register allocation issue with exception handling code on s390x. (bsc#1161913) - Backport PR target/92692 to fix miscompilation of some atomic code on aarch64. (bsc#1150164) - Fixed miscompilation in vectorized code for s390x. (bsc#1160086) [gcc#92950] - Fixed miscompilation with thread-safe local static initialization. [gcc#85887] - Fixed debug info created for array definitions that complete an earlier declaration. [bsc#1146475] - Fixed vector shift miscompilation on s390. (bsc#1141897) - Add gcc7 -flive-patching patch. [bsc#1071995, fate#323487] - Strip -flto from $optflags. - Disables switch jump-tables when retpolines are used. (bsc#1131264, jsc#SLE-6738) - Fixed ICE compiling tensorflow on aarch64. (bsc#1129389) - Fixed for aarch64 FMA steering pass use-after-free. (bsc#1128794) - Fixed ICE compiling tensorflow. (bsc#1129389) - Fixed s390x FP load-and-test issue. (bsc#1124644) - Adjust gnat manual entries in the info directory. (bsc#1114592) - Fixed to no longer try linking -lieee with -mieee-fp. (bsc#1084842) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Image SLES12-SP5-SAP-Azure-LI-BYOS-Production-2023-3662,Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production-2023-3662,SUSE-2023-3662,SUSE-SLE-Module-Toolchain-12-2023-3662,SUSE-SLE-SERVER-12-SP5-2023-3662 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2023/suse-su-20233662-1/ Link for SUSE-SU-2023:3662-1 https://lists.suse.com/pipermail/sle-security-updates/2024-February/018047.html E-Mail link for SUSE-SU-2023:3662-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1071995 SUSE Bug 1071995 https://bugzilla.suse.com/1084842 SUSE Bug 1084842 https://bugzilla.suse.com/1114592 SUSE Bug 1114592 https://bugzilla.suse.com/1124644 SUSE Bug 1124644 https://bugzilla.suse.com/1128794 SUSE Bug 1128794 https://bugzilla.suse.com/1129389 SUSE Bug 1129389 https://bugzilla.suse.com/1131264 SUSE Bug 1131264 https://bugzilla.suse.com/1141897 SUSE Bug 1141897 https://bugzilla.suse.com/1142649 SUSE Bug 1142649 https://bugzilla.suse.com/1146475 SUSE Bug 1146475 https://bugzilla.suse.com/1148517 SUSE Bug 1148517 https://bugzilla.suse.com/1149145 SUSE Bug 1149145 https://bugzilla.suse.com/1150164 SUSE Bug 1150164 https://bugzilla.suse.com/1160086 SUSE Bug 1160086 https://bugzilla.suse.com/1161913 SUSE Bug 1161913 https://bugzilla.suse.com/1167939 SUSE Bug 1167939 https://bugzilla.suse.com/1172798 SUSE Bug 1172798 https://bugzilla.suse.com/1178577 SUSE Bug 1178577 https://bugzilla.suse.com/1178614 SUSE Bug 1178614 https://bugzilla.suse.com/1178624 SUSE Bug 1178624 https://bugzilla.suse.com/1178675 SUSE Bug 1178675 https://bugzilla.suse.com/1181618 SUSE Bug 1181618 https://bugzilla.suse.com/1195517 SUSE Bug 1195517 https://bugzilla.suse.com/1196861 SUSE Bug 1196861 https://bugzilla.suse.com/1204505 SUSE Bug 1204505 https://bugzilla.suse.com/1205145 SUSE Bug 1205145 https://bugzilla.suse.com/1214052 SUSE Bug 1214052 https://www.suse.com/security/cve/CVE-2019-14250/ SUSE CVE CVE-2019-14250 page https://www.suse.com/security/cve/CVE-2019-15847/ SUSE CVE CVE-2019-15847 page https://www.suse.com/security/cve/CVE-2020-13844/ SUSE CVE CVE-2020-13844 page https://www.suse.com/security/cve/CVE-2023-4039/ SUSE CVE CVE-2023-4039 page Image SLES12-SP5-SAP-Azure-LI-BYOS-Production Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 cpp7-7.5.0+r278197-13.1 gcc7-7.5.0+r278197-13.1 libasan4-7.5.0+r278197-13.1 libcilkrts5-7.5.0+r278197-13.1 libubsan0-7.5.0+r278197-13.1 cross-aarch64-gcc7-7.5.0+r278197-13.1 cross-aarch64-gcc7-icecream-backend-7.5.0+r278197-13.1 cross-arm-gcc7-7.5.0+r278197-13.1 cross-arm-none-gcc7-bootstrap-7.5.0+r278197-13.1 cross-avr-gcc7-bootstrap-7.5.0+r278197-13.1 cross-hppa-gcc7-7.5.0+r278197-13.1 cross-hppa-gcc7-icecream-backend-7.5.0+r278197-13.1 cross-i386-gcc7-7.5.0+r278197-13.1 cross-i386-gcc7-icecream-backend-7.5.0+r278197-13.1 cross-m68k-gcc7-7.5.0+r278197-13.1 cross-m68k-gcc7-icecream-backend-7.5.0+r278197-13.1 cross-mips-gcc7-7.5.0+r278197-13.1 cross-mips-gcc7-icecream-backend-7.5.0+r278197-13.1 cross-nvptx-gcc7-7.5.0+r278197-13.1 cross-nvptx-newlib7-devel-7.5.0+r278197-13.1 cross-ppc64-gcc7-7.5.0+r278197-13.1 cross-ppc64-gcc7-icecream-backend-7.5.0+r278197-13.1 cross-ppc64le-gcc7-7.5.0+r278197-13.1 cross-ppc64le-gcc7-icecream-backend-7.5.0+r278197-13.1 cross-s390x-gcc7-7.5.0+r278197-13.1 cross-s390x-gcc7-icecream-backend-7.5.0+r278197-13.1 cross-sparc-gcc7-7.5.0+r278197-13.1 cross-sparc64-gcc7-7.5.0+r278197-13.1 cross-sparc64-gcc7-icecream-backend-7.5.0+r278197-13.1 cross-sparcv9-gcc7-icecream-backend-7.5.0+r278197-13.1 cross-x86_64-gcc7-7.5.0+r278197-13.1 cross-x86_64-gcc7-icecream-backend-7.5.0+r278197-13.1 gcc7-32bit-7.5.0+r278197-13.1 gcc7-ada-7.5.0+r278197-13.1 gcc7-ada-32bit-7.5.0+r278197-13.1 gcc7-c++-7.5.0+r278197-13.1 gcc7-c++-32bit-7.5.0+r278197-13.1 gcc7-fortran-7.5.0+r278197-13.1 gcc7-fortran-32bit-7.5.0+r278197-13.1 gcc7-go-7.5.0+r278197-13.1 gcc7-go-32bit-7.5.0+r278197-13.1 gcc7-info-7.5.0+r278197-13.1 gcc7-locale-7.5.0+r278197-13.1 gcc7-obj-c++-7.5.0+r278197-13.1 gcc7-obj-c++-32bit-7.5.0+r278197-13.1 gcc7-objc-7.5.0+r278197-13.1 gcc7-objc-32bit-7.5.0+r278197-13.1 gcc7-testresults-7.5.0+r278197-13.1 libada7-7.5.0+r278197-13.1 libada7-32bit-7.5.0+r278197-13.1 libasan4-32bit-7.5.0+r278197-13.1 libatomic1-gcc7-7.5.0+r278197-13.1 libatomic1-gcc7-32bit-7.5.0+r278197-13.1 libcilkrts5-32bit-7.5.0+r278197-13.1 libgcc_s1-gcc7-7.5.0+r278197-13.1 libgcc_s1-gcc7-32bit-7.5.0+r278197-13.1 libgfortran4-7.5.0+r278197-13.1 libgfortran4-32bit-7.5.0+r278197-13.1 libgo11-7.5.0+r278197-13.1 libgo11-32bit-7.5.0+r278197-13.1 libgomp1-gcc7-7.5.0+r278197-13.1 libgomp1-gcc7-32bit-7.5.0+r278197-13.1 libitm1-gcc7-7.5.0+r278197-13.1 libitm1-gcc7-32bit-7.5.0+r278197-13.1 liblsan0-gcc7-7.5.0+r278197-13.1 libmpx2-gcc7-7.5.0+r278197-13.1 libmpx2-gcc7-32bit-7.5.0+r278197-13.1 libmpxwrappers2-gcc7-7.5.0+r278197-13.1 libmpxwrappers2-gcc7-32bit-7.5.0+r278197-13.1 libobjc4-gcc7-7.5.0+r278197-13.1 libobjc4-gcc7-32bit-7.5.0+r278197-13.1 libquadmath0-gcc7-7.5.0+r278197-13.1 libquadmath0-gcc7-32bit-7.5.0+r278197-13.1 libstdc++6-devel-gcc7-7.5.0+r278197-13.1 libstdc++6-devel-gcc7-32bit-7.5.0+r278197-13.1 libstdc++6-gcc7-7.5.0+r278197-13.1 libstdc++6-gcc7-32bit-7.5.0+r278197-13.1 libstdc++6-gcc7-locale-7.5.0+r278197-13.1 libtsan0-gcc7-7.5.0+r278197-13.1 libubsan0-32bit-7.5.0+r278197-13.1 cpp7-7.5.0+r278197-13.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production gcc7-7.5.0+r278197-13.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production libasan4-7.5.0+r278197-13.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production libcilkrts5-7.5.0+r278197-13.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production libubsan0-7.5.0+r278197-13.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production cpp7-7.5.0+r278197-13.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production gcc7-7.5.0+r278197-13.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production libasan4-7.5.0+r278197-13.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production libcilkrts5-7.5.0+r278197-13.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production libubsan0-7.5.0+r278197-13.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production cpp7-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 cross-nvptx-gcc7-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 cross-nvptx-newlib7-devel-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 gcc7-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 gcc7-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 gcc7-ada-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 gcc7-ada-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 gcc7-c++-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 gcc7-c++-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 gcc7-fortran-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 gcc7-fortran-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 gcc7-info-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 gcc7-locale-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 libada7-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 libada7-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 libstdc++6-devel-gcc7-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 libstdc++6-devel-gcc7-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Module for Toolchain 12 libasan4-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libasan4-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libcilkrts5-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libcilkrts5-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libgfortran4-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libgfortran4-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libubsan0-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libubsan0-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libasan4-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libasan4-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libcilkrts5-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libcilkrts5-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libgfortran4-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libgfortran4-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libubsan0-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libubsan0-32bit-7.5.0+r278197-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. CVE-2019-14250 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cpp7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gcc7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libasan4-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libcilkrts5-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libubsan0-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cpp7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gcc7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libasan4-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libcilkrts5-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libubsan0-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:cpp7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:cross-nvptx-gcc7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:cross-nvptx-newlib7-devel-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-ada-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-ada-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-c++-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-c++-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-fortran-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-fortran-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-info-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-locale-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libada7-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libada7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libstdc++6-devel-gcc7-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libstdc++6-devel-gcc7-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libasan4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libasan4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libcilkrts5-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libcilkrts5-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libgfortran4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libgfortran4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libubsan0-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libubsan0-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libasan4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libasan4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libcilkrts5-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libcilkrts5-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libgfortran4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libgfortran4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libubsan0-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libubsan0-7.5.0+r278197-13.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233662-1/ https://www.suse.com/security/cve/CVE-2019-14250.html CVE-2019-14250 https://bugzilla.suse.com/1142649 SUSE Bug 1142649 The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same. CVE-2019-15847 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cpp7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gcc7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libasan4-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libcilkrts5-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libubsan0-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cpp7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gcc7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libasan4-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libcilkrts5-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libubsan0-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:cpp7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:cross-nvptx-gcc7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:cross-nvptx-newlib7-devel-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-ada-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-ada-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-c++-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-c++-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-fortran-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-fortran-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-info-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-locale-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libada7-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libada7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libstdc++6-devel-gcc7-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libstdc++6-devel-gcc7-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libasan4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libasan4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libcilkrts5-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libcilkrts5-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libgfortran4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libgfortran4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libubsan0-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libubsan0-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libasan4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libasan4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libcilkrts5-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libcilkrts5-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libgfortran4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libgfortran4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libubsan0-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libubsan0-7.5.0+r278197-13.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233662-1/ https://www.suse.com/security/cve/CVE-2019-15847.html CVE-2019-15847 https://bugzilla.suse.com/1149145 SUSE Bug 1149145 Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." CVE-2020-13844 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cpp7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gcc7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libasan4-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libcilkrts5-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libubsan0-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cpp7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gcc7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libasan4-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libcilkrts5-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libubsan0-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:cpp7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:cross-nvptx-gcc7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:cross-nvptx-newlib7-devel-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-ada-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-ada-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-c++-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-c++-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-fortran-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-fortran-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-info-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-locale-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libada7-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libada7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libstdc++6-devel-gcc7-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libstdc++6-devel-gcc7-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libasan4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libasan4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libcilkrts5-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libcilkrts5-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libgfortran4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libgfortran4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libubsan0-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libubsan0-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libasan4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libasan4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libcilkrts5-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libcilkrts5-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libgfortran4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libgfortran4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libubsan0-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libubsan0-7.5.0+r278197-13.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233662-1/ https://www.suse.com/security/cve/CVE-2020-13844.html CVE-2020-13844 https://bugzilla.suse.com/1172798 SUSE Bug 1172798 ** DISPUTED ** **DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself. CVE-2023-4039 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:cpp7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:gcc7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libasan4-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libcilkrts5-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libubsan0-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:cpp7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:gcc7-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libasan4-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libcilkrts5-7.5.0+r278197-13.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libubsan0-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:cpp7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:cross-nvptx-gcc7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:cross-nvptx-newlib7-devel-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-ada-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-ada-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-c++-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-c++-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-fortran-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-fortran-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-info-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:gcc7-locale-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libada7-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libada7-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libstdc++6-devel-gcc7-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Module for Toolchain 12:libstdc++6-devel-gcc7-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libasan4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libasan4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libcilkrts5-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libcilkrts5-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libgfortran4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libgfortran4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libubsan0-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server 12 SP5:libubsan0-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libasan4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libasan4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libcilkrts5-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libcilkrts5-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libgfortran4-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libgfortran4-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libubsan0-32bit-7.5.0+r278197-13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libubsan0-7.5.0+r278197-13.1 important 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233662-1/ https://www.suse.com/security/cve/CVE-2023-4039.html CVE-2023-4039 https://bugzilla.suse.com/1214052 SUSE Bug 1214052 https://bugzilla.suse.com/1228298 SUSE Bug 1228298