CVE-2002-2439

NameCVE-2002-2439
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
Debian Bugs710830

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
gcc-4.8 (PTS)jessie4.8.4-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
gcc-4.1source(unstable)(unfixed)
gcc-4.3source(unstable)(unfixed)
gcc-4.4source(unstable)(unfixed)low
gcc-4.6source(unstable)(unfixed)low
gcc-4.7source(unstable)(unfixed)low710830
gcc-4.8source(unstable)4.8.0-1low

Notes

[squeeze] - gcc-4.1 <no-dsa> (Potentially affected apps need to be recompiled, if such issues are spotted in apps, these cases can be fixed on a case-by-case basis)
[squeeze] - gcc-4.3 <no-dsa> (Potentially affected apps need to be recompiled, if such issues are spotted in apps, these cases can be fixed on a case-by-case basis)
[squeeze] - gcc-4.4 <no-dsa> (Potentially affected apps need to be recompiled, if such issues are spotted in apps, these cases can be fixed on a case-by-case basis)
[wheezy] - gcc-4.4 <no-dsa> (Potentially affected apps need to be recompiled, if such issues are spotted in apps, these cases can be fixed on a case-by-case basis)
[wheezy] - gcc-4.6 <no-dsa> (Potentially affected apps need to be recompiled, if such issues are spotted in apps, these cases can be fixed on a case-by-case basis)
[wheezy] - gcc-4.7 <no-dsa> (Potentially affected apps need to be recompiled, if such issues are spotted in apps, these cases can be fixed on a case-by-case basis)
Are there apps known to be exploitable through this?
Any application using unguarded memory allocation would be susceptible to DoS anyway?
This should be addressed in jessie by getting this fixed in gcc 4.7, so that the archive is
properly rebuild with a fixed version from the start
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2002-2439

Search for package or bug name: Reporting problems