Ubuntu 20.04 LTS / 22.04 LTS: GCC vulnerability (USN-7700-1)

medium Nessus Plugin ID 253509

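Synopsis

The remote Ubuntu host is missing a security update.

Description

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability referenced in the USN-7700-1 advisory.

It was discovered that the -fstack-protector hardening feature in GCC for AArch64 did not properly protect dynamically sized local variables, such as those created using C99 variable-length arrays or alloca. An attacker able to trigger a buffer overflow in such a case could therefore bypass the intended stack protection checks. (CVE-2023-4039)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also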

https://ubuntu.com/security/notices/USN-7700-1

Plugin Details

Severity: Medium

ID: 253509

File Name: ubuntu_USN-7700-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2025/8/21

Updated: 2025/8/21

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.3

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2023-4039

CVSS v3

Risk Factor: Medium

Base Score: 4.8

Temporal Score: 4.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/cpu, Host/Ubuntu, Host/Ubuntu/release, Host/Debian/dpkg-l

Exploitable by malware: true

Exploit Ease: Exploits are available

Patch Publication Date: 2025/8/19

Vulnerability Publication Date: 2023/9/8

Reference Information

CVE: CVE-2023-4039

USN: 7700-1