gcc: Fix -fstack-protector issue on aarch64

This series of patches fixes deficiencies in GCC's -fstack-protector implementation for AArch64 when using dynamically allocated stack space. This is CVE-2023-4039. See: https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf for more details. (From OE-Core rev: 750396ca55e9f165a77dc94f841a953b9a6520d5) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-01-29 21:08:42 +01:00 · 2023-09-12 18:24:17 +01:00
parent 843c6c2e05
commit 8dfb19926e
2 changed files with 3094 additions and 0 deletions
--- a/meta/recipes-devtools/gcc/gcc-13.2.inc
+++ b/meta/recipes-devtools/gcc/gcc-13.2.inc
@@ -65,6 +65,7 @@ SRC_URI = "${BASEURI} \
           file://0023-Fix-install-path-of-linux64.h.patch \
           file://0024-Avoid-hardcoded-build-paths-into-ppc-libgcc.patch \
           file://0025-gcc-testsuite-mips.patch \
+           file://CVE-2023-4039.patch \
 "
 SRC_URI[sha256sum] = "e275e76442a6067341a27f04c5c6b83d8613144004c0413528863dc6b5c743da"

--- a/meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch
+++ b/meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch