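Ubuntu 20.04 LTS / 22.04 LTS : GCC vulnerability (USN-7700-1)

medium Nessus Plugin ID 253509

Synopsis

The remote Ubuntu host is missing a security update.

Description

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7700-1 advisory.

It was discovered that the -fstack-protector hardening feature in GCC for AArch64 did not properly protect dynamically-sized local variables, such as those created using C99 variable-length arrays or alloca. An attacker able to trigger a buffer overflow in such a case could therefore possibly bypass the expected stack protection checks. (CVE-2023-4039)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also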

https://ubuntu.com/security/notices/USN-7700-1

Plugin Details

Severity: Medium

ID: 253509

File Name: ubuntu_USN-7700-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2025/8/21

Updated: 2025/8/21

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.3

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2023-4039

CVSS v3

Risk Factor: Medium

Base Score: 4.8

Temporal Score: 4.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/cpu, Host/Ubuntu, Host/Ubuntu/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2025/8/19

Vulnerability Publication Date: 2023/9/8

Reference Information

CVE: CVE-2023-4039

USN: 7700-1