Oracle Linux 8 : gcc (ELSA-2025-1301)

medium Nessus Plugin ID 216223

Synopsis

The remote Oracle Linux host is missing a security update.

Description

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1301 advisory.

- Merge Oracle patches to 8.5.0-23.
Oracle history:
May-22-2024 Qing Zhao <[email protected]> 8.5.0-22.0.1
- Merge Oracle patches to 8.5.0-22.
Reviewed-by: Jose E. Marchesi <[email protected]>
March-27-2024 Qing Zhao <[email protected]> 8.5.0-21.0.1
- Merge Oracle patches to 8.5.0-21.
January-19-2024 Qing Zhao <[email protected]> 8.5.0-20.0.3
- Fix Orabug 35283123, i.e, the same bug as GCC PR111407.
gcc14-pr111407.patch
Reviewed-by: Jose E. Marchesi <[email protected]>
January-5-2024 Jose E. Marchesi <[email protected]> 8.5.0-20.0.2
- Restore support for -mpreserve-args in aarch64 targets, adapted to new AArch64 stack frame layout.
Reviewed-by: Cupertino Miranda <[email protected]>
October-4-2023 David Faust <[email protected]> 8.5.0-20.0.1
- Forward-port Oracle patches
Reviewed-by: Jose E. Marchesi <[email protected]>
September-28-2023 David Faust <[email protected]> 8.5.0-18.0.6
- Backport additional patches from gcc-9 to fix CVE-2023-4039 patches interaction with backported aarch64 -fstack-clash-protection support.
[Orabug 35843962]
Reviewed-by: Jose E. Marchesi <[email protected]>
August-31-2023 Qing Zhao <[email protected]> 8.5.0-18.0.5
- CVE-2023-4039 GCC mitigation.
Orabug 35751743.
Includes removal of aarch64-preserve-args.patch.
- CVE-2022-40982 'Intel Downfall' mitigation.
Orabug 35751810.
Add two patches originally from GCC upstream releases/gcc-11 branch.
with major adjustment.
gcc11-downfall-disable-gather-in-vec.patch
gcc11-downfall-support-mno-gather.patch
Reviewed-by: Jose E. Marchesi <[email protected]>
May-11-2023 Jose E. Marchesi <[email protected]> 8.5.0-18.0.2
- Support for -mpreserve-args in aarch64.
Orabug 35065765.
Reviewed-by: Qing Zhao <[email protected]>.
March-28-2023 Qing Zhao <[email protected]> 8.5.0-18.0.1
- Merge Oracle patches with gcc-8.5.0-18.
Reviewed-by: Jose E. Marchesi <[email protected]>
January-12-2023 Qing Zhao <[email protected]> 8.5.0-16.0.1
- Merge oracle patches with gcc-8.5.0-16.
November-30-2022 Qing Zhao <[email protected]> 8.5.0-15.0.2
- Fix Orabug 34679540 - PROFILE COLLECT BUILD AND WORK LOAD TEST ISSUES IN LINUX ARM64.
Removing the buggy patch that has been removed from upstream gcc too:
gcc10-pr91971.patch
September-28-2022 Qing Zhao <[email protected]> 8.5.0-15.0.1
- Merge oracle patches with gcc-8.5.0-15.
June-29-2022 Qing Zhao <[email protected]> 8.5.0-10.1.0.1
- Merge oracle patches with gcc-8.5.0-10.1.el8_6.
Reviewed-by: Jose E. Marchesi <[email protected]>
May-4-2022 Qing Zhao <[email protected]> 8.5.0-10.0.2
- Fix Orabug 34066706 only in OL GCC.
report error when there is no PROGRAM_SUMMARY section in .gcda file.
Reviewed-by: Jose E. Marchesi <[email protected]>
April-27-2022 Marek Polacek <[email protected]> 8.5.0-10.1
- backport Default widths with -fdec-format-defaults patch (#2079578)
March-22-2022 Qing Zhao <[email protected]> 8.5.0-10.0.1
- Merge with oracle patches.
January-5-2022 Qing Zhao <[email protected]> 8.5.0-4.0.2
- Add patches to support marvell on Arm:
gcc9-add-support-for-profile-extension.patch
gcc10-add-initial-octeontx2-support.patch
Reviewed-by: Jose E. Marchesi <[email protected]>
November-16-2021 Qing Zhao <[email protected]> 8.5.0-4.0.1
- Merge oracle patches to security errata 8.5.0-4.
Reviewed-by: Jose E. Marchesi <[email protected]>
October-14-2021 Indu Bhagat <[email protected]> 8.5.0-3.0.2
- Fix Orabug 33451471 and backport CTF/BTF enhancements
ctfc: Free CTF container elements in ctfc_delete_container ()
ctf: Do not warn for CTF not supported for GNU GIMPLE
ICE in btf_finalize when compiling with -gbtf (PR debug/102507, Orabug 33451471)
Reviewed-by: Jose E. Marchesi <[email protected]>
October-5-2021 Qing Zhao <[email protected]> 8.5.0-3.0.1
- Merge the following oracle patches to OL8.5 beta:
- Fix an aarch64 compilation error triggered by the oracle patch gcc9-multiple-changes-align.patch on OL8U5 source base.
gcc-fix-aarch64-tune-params.patch
- Fix Orabug 33281392 Update CTF and BTF support in OL8 GCC This commit brings the support for CTF/BTF debug formats at par with upstream. GCC now generates the CTF/BTF debug information by using the internal DWARF representation.
For backward compatibility reasons, OL8 GCC continues to support -gt command line option.
(Indu Bhagat <[email protected]> 8.4.1-1.0.3)
- Add complex divide improvement backport of upstream commit 54f0224d55a1b56dde092460ddf76913670e6efc (Patrick.McGehearty <[email protected]> 8.4.1-1.0.2)
- Fix Orabug 32301371 - bug using gcov with preserve paths option This is the same bug as GCC bug PR gcov-profile/88994 gcc9-pr88994.patch (Qing Zhao <[email protected]> 8.3.1-5.1.0.2)
- Fix generation of CTF type records for completed structs referred thru pointers.
Orabug 31095790.
(Jose E. Marchesi <[email protected]> 8.3.1-5.0.4)
- Fix Orabug 29838827 - provide an option to adjust the maximum depth of nested #include This is the same bug as gcc upstream PR90581 from Gcc9:
gcc9-pr90581.patch
- Fix Orabug 29541051 - confusing error message when there is a problem with ASAN_OPTIONS 'ERROR: expected '='' This is the same bug as gcc upstream PR89832 from Gcc9:
gcc9-pr89832.patch (Qing Zhao <[email protected]> 8.3.1-5.0.3)
- Update support for CTF Fix Orabug 30833294 GCC generates incorrect CTF for single element arrays Fix Orabug 30808764 CTF generation fails when __attribute__ ((mode (XX))) is used (Indu Bhagat <[email protected]> 8.3.1-5.0.2)
- Apply ares/neoverse support patches only ifarch aarch64.
(Qing Zhao <[email protected]> 8.3.1-4.5.0.6)
- Add 4 patches from gcc9 to support Arm Ares and Neoverse-N1 for Aarch64 gcc9-add-vec-reverse.patch gcc9-multiple-changes-align.patch gcc9-initial-mcpu-ares-tuning.patch gcc9-add-support-for-neoverse-n1.patch (Indu Bhagat <[email protected]> 8.3.1-4.5.0.5)
- Update support for CTF Fix Orabug 30778534 gcc should generate CTF for functions at file-scope only Fix Orabug 30779193 CTF generation fails for some flavors of vla Fix Orabug 30784275 Fix issues with CTF generation for typedef constructs ctf-3-generation-and-emission-for-a-single-compilation.patch ctf-4-update-ctf-testsuite.patch (Indu Bhagat <[email protected]> 8.3.1-4.5.0.4)
- Add support for CTF in GCC Fix Orabug 30102948 gcc: Add CTF generation to compiler Fix Orabug 30102949 gcc: Add CTF generation to compiler (aarch64) ctf-1-new-function-lang_GNU_GIMPLE.patch ctf-2-command-line-options-gtLEVEL.patch ctf-3-generation-and-emission-for-a-single-compilation.patch ctf-4-update-ctf-testsuite.patch ctf-5-handle-ctf-sections-when-lto-enabled.patch (Qing Zhao <[email protected]> 8.3.1-4.5.0.3)
- CVE-2018-12207 / Intel SKX102 OL8 gcc: Intel Mitigation for CVE: CVE-2018-12207
- Allow -flto -Wa,-mbranches-within-32B-boundaries to pass -mbranches-within-32B-boundaries to GNU assembler. Without -lfto, -Wa,-mbranches-within-32B-boundaries to pass
-mbranches-within-32B-boundaries to GNU assembler using existing GCC binaries.
- Mitigation patch:
gcc8-Fix-Wa-with-flto.patch (Qing Zhao <[email protected]> 8.3.1-4.5.0.2)
- Fix Orabug 29968294 - Heap corruption with fprofile-dir=%p prevents profiling parallel processes, needed for RDBMS:
Add patch to fix PR86057 from Gcc9:
gcc9-pr86057.patch
- Fix Orabug 30044244 - Profile directory concatenated with object file path This is the same bug as gcc upstream PR91971:
gcc9-pr85759.patch gcc10-pr91971.patch (Indu Bhagat <[email protected]> 8.3.1-4.5.0.1)
- Fix Orabug 29599147 - Need -fprofile-dir=%q{VAR} backported to gcc8 This is the similar GCC PR47618, add the fix from GCC9:
gcc9-pr47618.patch
- Fix Orabug 29272977 - DB SUPPORT: Need way to dump inlining report from GCC Add -fopt-info-inline support from GCC9:
gcc9-opt-info-inline.patch
- Fix Orabug 29273006 - DB SUPPORT: need way to turn off inlining of global functions Add -flive-patching support from GCC9:
gcc9-fipa-reference-addressable.patch gcc9-fipa-stack-alignment.patch gcc9-add-fomit-frame-pointer-to-test.patch gcc9-extend-live-patching-option-handling.patch gcc9-ipa-stack-alignment-386-test.patch
- Introduce 'oracle_release' into .spec file. Echo it to gcc/DEV-PHASE.
- Backport 17 ampere patches from https://git.theobroma-systems.com/ampere-computing/gcc.git/log/?h=gcc-8_2_0-amp3-branch
e18301133ea622f6d6796ded1d15466e70475cf8: Retpoline (Spectre-V2 mitigation) for aarch64.
d735f3ae4712f66362326d179b4d7e9332c79677: Revert 2017-10-24 Richard Biener
271e2811e59c0c77fc022fa86a7030f20b4cac8e: Correct the maximum shift amount for shifted
0512749950d927de3dd695f2f2aacdfd30cf32fd: Add CPU support for Ampere Computing's eMAG.
c8b87078f9e0714cb9cab602e12a18ceb12df05a: eMAG/Xgene: Procedural cost-model for X-Gene
74610471b3577c5d465c3fd095a65b796b1e074c: Updating cost table for xgene1.
ddba1553ac412be5596e6e2962c148032c4cf231: [AArch64] Add Xgene1 prefetch tunings.
b7ebb0a10a8900324074070188a0936ed81b28a4: [AArch64] Fix in xgene1_addrcost_table
393dc5c50d55d069f91627bf0be5bab812978850: X-Gene: Adapt tuning struct for GCC 8.
b9136d58824af2118c4969c3edb42cad3318b08f: tree-ssa-list-find-pipeline: Add pipelining loads for list finds.
095496dd8a9491a17a9caec173281ad02e559df5: uncse: Added pass to undo common subexpression elimination.
a7c8dc238e3656e9d2f9256ee76f933c8d7956fb: loop-prefetcher: Adapt defaults for X-Gene cores.
256307f293f1750851576e14c8a42b696eced2da: tree-ssa-cpp: Don't crash on SSA names without definition stmts.
6e32f53be4f6733f6bfe267ad2337aecaf4047f6: Introduce new option -funroll-more.
1ac2485a2fced091a5cce6343fe6a6337f850e73: New option to bypass aliasing-checks.
66d7d833bece61e58998ad53a609cd32e3ee4fad: cfgloopmanip: Allow forced creation of loop preheaders.
c4f89d50e200538b1ac8889801705300e0b27ef2: Add new pass to optimise loops.

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2025-1301.html

Plugin Details

Severity: Medium

ID: 216223

File Name: oraclelinux_ELSA-2025-1301.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2/13/2025

Updated: 2/13/2025

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.7

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2020-11023

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:libquadmath, cpe:/o:oracle:linux:8::baseos_latest, p-cpe:/a:oracle:linux:libgfortran-static, p-cpe:/a:oracle:linux:gcc-gfortran, cpe:/o:oracle:linux:8, p-cpe:/a:oracle:linux:gcc-plugin-devel, p-cpe:/a:oracle:linux:libgcc, p-cpe:/a:oracle:linux:cpp, p-cpe:/a:oracle:linux:gcc-gdb-plugin, p-cpe:/a:oracle:linux:gcc-plugin-annobin, p-cpe:/a:oracle:linux:libstdc%2b%2b-static, p-cpe:/a:oracle:linux:libgfortran, p-cpe:/a:oracle:linux:gcc, p-cpe:/a:oracle:linux:libstdc%2b%2b, p-cpe:/a:oracle:linux:liblsan, p-cpe:/a:oracle:linux:libstdc%2b%2b-docs, p-cpe:/a:oracle:linux:libitm-devel, p-cpe:/a:oracle:linux:libstdc%2b%2b-devel, p-cpe:/a:oracle:linux:gcc-c%2b%2b, cpe:/a:oracle:linux:8::appstream, cpe:/a:oracle:linux:8::codeready_builder, p-cpe:/a:oracle:linux:libatomic-static, p-cpe:/a:oracle:linux:libubsan, p-cpe:/a:oracle:linux:libquadmath-devel, p-cpe:/a:oracle:linux:gcc-offload-nvptx, p-cpe:/a:oracle:linux:libtsan, p-cpe:/a:oracle:linux:libitm, p-cpe:/a:oracle:linux:libasan, p-cpe:/a:oracle:linux:libgomp, cpe:/o:oracle:linux:8:10:baseos_patch, p-cpe:/a:oracle:linux:libquadmath-static, p-cpe:/a:oracle:linux:libatomic, p-cpe:/a:oracle:linux:libgomp-offload-nvptx

Required KB Items: Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/12/2025

Vulnerability Publication Date: 4/29/2020

CISA Known Exploited Vulnerability Due Dates: 2/13/2025

Reference Information

CVE: CVE-2020-11023