stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under…
mitre·CWE-209·Published 2019-05-22
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.
stack_protect_prologue en cfgexpand.c y stack_protect_epilogue en function.c en GNU Compiler Collection (GCC) 4.1 a 8 (bajo ciertas circunstancias) genera secuencias de instrucciones al apuntar a objetivos ARM que derraman la dirección del protector de pila, que permite al atacante eludir el la protección de -fstack-protector, -fstack-protector-all, -fstack-protector-strong y -fstack-protector-explicit contra el desbordamiento de pila controlando contra qué se compara la pila Canary.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 6.8 | 8.6 | 6.4 | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| 3.0 | Primary | NVD | 8.1 | 2.2 | 5.9 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |