Patches for gcc-12

        $ git log --oneline --before 2023-09-12 --after 2023-09-11 --author 'Richard Sandiford' origin/releases/gcc-12 --
        75c37e031408 aarch64: Make stack smash canary protect saved registers
        8254e1b9cd50 aarch64: Remove below_hard_fp_saved_regs_size
        6f0ab0a9f46a aarch64: Explicitly record probe registers in frame info
        c4f0e121faa3 aarch64: Simplify probe of final frame allocation
        15e18831bf98 aarch64: Put LR save probe in first 16 bytes
        f22315d5c19e aarch64: Tweak stack clash boundary condition
        08f71b4bb28f aarch64: Minor initial adjustment tweak
        b47766614df3 aarch64: Simplify top of frame allocation
        8d5506a8aeb8 aarch64: Measure reg_offset from the bottom of the frame
        aac8b31379ac aarch64: Tweak frame_size comment
        3fbf0789202b aarch64: Rename hard_fp_offset to bytes_above_hard_fp
        0a0a824808d1 aarch64: Rename locals_offset to bytes_above_locals
        2b983f9064d8 aarch64: Only calculate chain_offset if there is a chain
        187861af7c51 aarch64: Tweak aarch64_save/restore_callee_saves
        34081079ea4d aarch64: Add bytes_below_hard_fp to frame info
        49c2eb761675 aarch64: Add bytes_below_saved_regs to frame info
        03d5e89e7f3b aarch64: Explicitly handle frames with no saved registers
        12a8889de169 aarch64: Avoid a use of callee_offset
        62fbb215cc81 aarch64: Use local frame vars in shrink-wrapping code

Gitweb:

https://gcc.gnu.org/git/?p=gcc.git;a=shortlog;h=75c37e031408262263442f5b4cdb83d3777b6422&hp=ac0773956cef18cd4903365fb675447ee301d725

Generated a single .patch file just like src:gcc-12's
d/p/git-updates.diff

        LANG=C git diff --no-renames --src-prefix=a/src/ --dst-prefix=b/src/ \
                62fbb215cc817e9f2c1ca80282a64f4ee30806bc^ 75c37e031408262263442f5b4cdb83d3777b6422 \
                | awk '/^diff .*\.texi/ {skip=1; next} /^diff / { skip=0 } skip==0' \
                | grep -v -E '^(diff|index)' \
                > cve-2023-4039.diff

For verification purposes, this patch can be cleanly reverted
from the gcc-12 package that introduced its changes in Mantic:

        gcc-12 (12.3.0-9) unstable; urgency=medium

            - Address stack protector and stack clash protection weaknesses
              on AArch64. CVE-2023-4039.

        $ pull-lp-source gcc-12 mantic 12.3.0-9ubuntu1
        $ cd gcc-12-12.3.0/
        $ debian/rules patch
        $ patch -R -p1 -F0 --dry-run < /tmp/gcc-12/cve-2023-4039.diff
        checking file src/gcc/config/aarch64/aarch64.cc
        checking file src/gcc/config/aarch64/aarch64.h
        checking file src/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c
        checking file src/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c
        checking file src/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c
        checking file src/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c
        checking file src/gcc/testsuite/gcc.target/aarch64/stack-protector-8.c
        checking file src/gcc/testsuite/gcc.target/aarch64/stack-protector-9.c
        checking file src/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c
        $ echo $?
        0

Changelog entry:

        'd/p/cve-2023-4039.diff: Address stack protector and stack clash
        protection weaknesses on AArch64. CVE-2023-4039. (LP: #2054343) Taken
        from the gcc-12 branch.'

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2054343

Title:
  CVE-2023-4039: ARM64 GCC

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gcc-10/+bug/2054343/+subscriptions
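
Added example, not part of the original message: the awk/grep filter from the command above, run over a constructed two-file diff to list which files the filter keeps and which it drops, a check a reviewer can use to confirm that only documentation was left out of the backport. The function names and the sample diff are assumptions made for this illustration.

```shell
#!/bin/sh
# The filter stage from the message, unchanged: drop every per-file diff whose
# header mentions ".texi", then strip the "diff"/"index" header lines.
# Hunk bodies start with ' ', '+', '-' or '@', so grep only removes headers.
filter_patch() {
    awk '/^diff .*\.texi/ {skip=1; next} /^diff / { skip=0 } skip==0' \
        | grep -v -E '^(diff|index)'
}

# Files still present after filtering (read from the "+++ b/..." headers).
kept_files() { sed -n 's|^+++ b/||p'; }

# Files the awk skip rule removes, read from the unfiltered diff.
# The pattern matches ".texi" anywhere on the header line, so review this
# list to make sure no source file was caught by it.
dropped_files() { awk '/^diff .*\.texi/ {print $NF}' | sed 's|^b/||'; }

# Constructed sample input (not taken from the real gcc-12 patch).
sample_diff() {
cat <<'EOF'
diff --git a/src/gcc/doc/invoke.texi b/src/gcc/doc/invoke.texi
index 1111111..2222222 100644
--- a/src/gcc/doc/invoke.texi
+++ b/src/gcc/doc/invoke.texi
@@ -1,1 +1,1 @@
-old doc
+new doc
diff --git a/src/gcc/config/aarch64/aarch64.h b/src/gcc/config/aarch64/aarch64.h
index 3333333..4444444 100644
--- a/src/gcc/config/aarch64/aarch64.h
+++ b/src/gcc/config/aarch64/aarch64.h
@@ -1,1 +1,1 @@
-old line
+new line
EOF
}

echo "kept:";    sample_diff | filter_patch | kept_files
echo "dropped:"; sample_diff | dropped_files
```

To audit a real backport, pipe the unfiltered `git diff` output into `dropped_files` and the generated .diff into `kept_files`.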

