Bug 1202918 - (CVE-2020-35536) VUL-1: CVE-2020-35536: gcc10,gcc48,gcc11,gcc43,gcc,gcc9,gcc7,gcc8,gcc33: Internal compiler error in match_reload function at lra-constraints.c
(CVE-2020-35536)
VUL-1: CVE-2020-35536: gcc10,gcc48,gcc11,gcc43,gcc,gcc9,gcc7,gcc8,gcc33: Inte...
Status: RESOLVED WONTFIX
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Richard Biener
Security Team bot
https://smash.suse.de/issue/341086/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-08-30 12:20 UTC by Thomas Leroy
Modified: 2022-08-31 07:58 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Thomas Leroy 2022-08-30 12:23:28 UTC
Fixed have been included in v10.1.0, and the commit introducing the bug is likely this one [0] introduced in v4.8.0. So I would say that the following codestreams are affected:

- SUSE:SLE-11-SP1:Update:Teradata/gcc48
- SUSE:SLE-12:Update/gcc48
- SUSE:SLE-15:Update/gcc7
- SUSE:SLE-15:Update/gcc8
- SUSE:SLE-15:Update/gcc9

[0] https://github.com/gcc-mirror/gcc/commit/55a2c3226a3e90a6d65f19710bab1ac377054234
Comment 2 Michael Matz 2022-08-30 12:40:57 UTC
This is no security problem.  If a CVE was assigned then that's nonsense, but was
it actually? :

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35536
  has no info, and
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35536
  says "CVE ID Not Found".

If it were a CVE it would need to be disputed, this is a normal compiler bug
on invalid input.

(How did we become aware of this one?  Is someone scraping bullshit CVE entries
for busy work?)
Comment 5 Michael Matz 2022-08-30 13:43:09 UTC
Just to be very clear, at least once: we are not going to touch any gcc package
for an internal compiler error.  It's basically the fancy form of an abort(3).  It's not a crash as the confused original bug report claims or anything similar.
This all works exactly as designed.  And if it were a crash (which it is not)
we still wouldn't touch anything, as it again wouldn't have any security
implications.

If you want you can close them all with WONTFIX right away.
Comment 6 Thomas Leroy 2022-08-31 07:58:39 UTC
As seen with the team and with Michael, this is not a security issue. Closing