Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 687114 (CVE-2019-12495, CVE-2019-9754) - <dev-lang/tcc-0.9.27_p20211022: Multiple vulnerabilities (CVE-2019-{9754,12495})
Summary: <dev-lang/tcc-0.9.27_p20211022: Multiple vulnerabilities (CVE-2019-{9754,12495})
Status: IN_PROGRESS
Alias: CVE-2019-12495, CVE-2019-9754
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL: https://lists.nongnu.org/archive/html...
Whiteboard: ~3 [cleanup cve]
Keywords: PATCH
Depends on:
Blocks:
 
Reported: 2019-06-01 04:34 UTC by D'juan McDonald (domhnall)
Modified: 2021-10-25 12:35 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description D'juan McDonald (domhnall) 2019-06-01 04:34:13 UTC
(https://nvd.nist.gov/vuln/detail/CVE-2019-12495):

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to a one-byte out-of-bounds write in the gsym_addr function in x86_64-gen.c. This occurs because tccasm.c mishandles section switches.

Upstream Patch: https://repo.or.cz/tinycc.git/commit/d04ce7772c2bc2781ab2502e0b1f1964488814b5


Gentoo Security Padawan
(domhnall)
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2020-04-16 14:23:01 UTC
CVE-2019-9754 (https://nvd.nist.gov/vuln/detail/CVE-2019-9754):
  An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27.
  Compiling a crafted source file leads to an 1 byte out of bounds write in
  the end_macro function in tccpp.c.
Comment 2 Sam James archtester gentoo-dev Security 2020-06-20 02:02:00 UTC
ping(In reply to GLSAMaker/CVETool Bot from comment #1)
> CVE-2019-9754 (https://nvd.nist.gov/vuln/detail/CVE-2019-9754):
>   An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27.
>   Compiling a crafted source file leads to an 1 byte out of bounds write in
>   the end_macro function in tccpp.c.

"Fixed in mob" (https://lists.nongnu.org/archive/html/tinycc-devel/2019-03/msg00042.html).

So any snapshot of git would work.
Comment 3 John Helmert III gentoo-dev Security 2020-08-02 22:52:08 UTC
Ping
Comment 4 Larry the Git Cow gentoo-dev 2021-10-25 12:35:31 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=717eba5b5cfb78b1438c348882b34c88b3dc173a

commit 717eba5b5cfb78b1438c348882b34c88b3dc173a
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-10-25 12:34:24 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-10-25 12:35:11 +0000

    dev-lang/tcc: add 0.9.27_p20211022 (glibc-2.34, security fixes)
    
    Upstream development seems to just be rolling now too.
    
    Closes: https://bugs.gentoo.org/806511
    Bug: https://bugs.gentoo.org/737092
    Bug: https://bugs.gentoo.org/715428
    Bug: https://bugs.gentoo.org/765652
    Bug: https://bugs.gentoo.org/687114
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-lang/tcc/Manifest                    |  1 +
 dev-lang/tcc/tcc-0.9.27_p20211022.ebuild | 80 ++++++++++++++++++++++++++++++++
 dev-lang/tcc/tcc-9999.ebuild             | 43 ++++++++++-------
 3 files changed, 106 insertions(+), 18 deletions(-)