QwikSec

Security Database

CVE

CWE

Training

CVE-2006-1902

Published: Apr 20, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.NOTE: the vendor states that the essence of the issue is "not correctly interpreting an offset to a pointer as a signed value."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20060418 Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk

mailing-list

x_refsource_BUGTRAQ

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=26763

x_refsource_CONFIRM

20060418 RE: gcc 4.1 bug miscompiles pointer range checks, may place you at risk

mailing-list

x_refsource_BUGTRAQ

20060418 Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk

mailing-list

x_refsource_BUGTRAQ

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356896

x_refsource_MISC

20060417 gcc 4.1 bug miscompiles pointer range checks, may place you at risk

mailing-list

x_refsource_BUGTRAQ

[gcc-bugs] 20060417 [Bug c/27180] New: pointer arithmetic overflow handling broken

mailing-list

x_refsource_MLIST

http://gcc.gnu.org/viewcvs/branches/gcc-4_1-branch/gcc/fold-const.c?r1=110549&r2=112698&pathrev=112698&diff_format=h

x_refsource_CONFIRM

[gcc-bugs] 20060417 [Bug middle-end/27180] New: pointer arithmetic overflow handling broken

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.