VEOS GCC 5.2

Problem Description 

The installation of VEOS includes the GNU Compiler Collection library in version 5.2. There are potential security vulnerabilities in this version. 

Connected CVE's 

The following vulnerabilities are associated with the components. 

A detailed description of the CVE's can be found here.

GNU Compiler Collection 5.2 

Database 
CVE 
Score 
Classification 

NVD 

CVE-2018-12886 

8.1 

High 

NVD 

CVE-2021-37322 

7.8 

High 

NVD 

CVE-2019-15847 

7.5 

High 

NVD 

CVE-2023-4039 

4.8 

Medium 

NVD 

CVE-2017-11671 

Medium 

GNU Binutils 2.25 

Database 
CVE 
Score 
Classification 

NVD 

CVE-2014-9939 

9.8 

Critical 

NVD 

CVE-2021-45078 

7.8 

High 

NVD 

CVE-2022-47696 

7.8 

High 

NVD 

CVE-2022-45703 

7.8 

High 

NVD 

CVE-2017-12449 

7.8 

High 

NVD 

CVE-2022-44840 

7.8 

High 

NVD 

CVE-2021-37322 

7.8 

High 

NVD 

CVE-2018-19931 

7.8 

High 

NVD 

CVE-2017-12456 

7.8 

High 

NVD 

CVE-2017-12454 

7.8 

High 

NVD 

CVE-2017-12450 

7.8 

High 

NVD 

CVE-2017-12457 

7.8 

High 

NVD 

CVE-2017-12459 

7.8 

High 

NVD 

CVE-2018-1000876 

7.8 

High 

NVD 

CVE-2017-12451 

7.8 

High 

NVD 

CVE-2022-47673 

7.8 

High 

NVD 

CVE-2017-12455 

7.8 

High 

NVD 

CVE-2017-12458 

7.8 

High 

NVD 

CVE-2017-12448 

7.8 

High 

NVD 

CVE-2017-12453 

7.8 

High 

NVD 

CVE-2022-47695 

7.8 

High 

NVD 

CVE-2017-12452 

7.8 

High 

NVD 

CVE-2021-46174 

7.5 

High 

NVD 

CVE-2020-35342 

7.5 

High 

NVD 

CVE-2021-20197 

6.3 

Medium 

NVD 

CVE-2020-35494 

6.1 

Medium 

NVD 

CVE-2019-1010204 

5.5 

Medium 

NVD 

CVE-2018-20671 

5.5 

Medium 

NVD 

CVE-2020-35496 

5.5 

Medium 

NVD 

CVE-2022-48064 

5.5 

Medium 

NVD 

CVE-2022-38533 

5.5 

Medium 

NVD 

CVE-2018-19932 

5.5 

Medium 

NVD 

CVE-2022-48065 

5.5 

Medium 

NVD 

CVE-2022-48063 

5.5 

Medium 

NVD 

CVE-2020-35507 

5.5 

Medium 

NVD 

CVE-2020-35493 

5.5 

Medium 

NVD 

CVE-2020-21490 

5.5 

Medium 

NVD 

CVE-2020-35495 

5.5 

Medium 

NVD 

CVE-2020-19724 

5.5 

Medium 

Python 2.7.9 

Database 
CVE 
Score 
Classification 

NVD 

CVE-2016-5636 

9.8 

Critical 

NVD 

CVE-2018-1000802 

9.8 

Critical 

NVD 

CVE-2019-9636 

9.8 

Critical 

NVD 

CVE-2019-10160 

9.8 

Critical 

NVD 

CVE-2022-48565 

9.8 

Critical 

NVD 

CVE-2016-9063 

9.8 

Critical 

NVD 

CVE-2017-1000158 

9.8 

Critical 

NVD 

CVE-2016-0718 

9.8 

Critical 

NVD 

CVE-2019-9948 

9.1 

Critical 

NVD 

CVE-2017-17522 

8.8 

High 

NVD 

CVE-2016-4472 

8.1 

High 

NVD 

CVE-2019-13404 

7.8 

High 

NVD 

CVE-2023-36632 

7.5 

High 

NVD 

CVE-2022-48560 

7.5 

High 

NVD 

CVE-2019-5010 

7.5 

High 

NVD 

CVE-2019-16056 

7.5 

High 

NVD 

CVE-2022-45061 

7.5 

High 

NVD 

CVE-2016-2183 

7.5 

High 

NVD 

CVE-2019-15903 

7.5 

High 

NVD 

CVE-2019-9674 

7.5 

High 

NVD 

CVE-2023-24329 

7.5 

High 

NVD 

CVE-2018-1061 

7.5 

High 

NVD 

CVE-2022-0391 

7.5 

High 

NVD 

CVE-2018-14647 

7.5 

High 

NVD 

CVE-2017-9233 

7.5 

High 

NVD 

CVE-2018-1060 

7.5 

High 

NVD 

CVE-2022-26488 

High 

NVD 

CVE-2015-1283 

6.8 

Medium 

NVD 

CVE-2017-18207 

6.5 

Medium 

NVD 

CVE-2020-8492 

6.5 

Medium 

NVD 

CVE-2016-0772 

6.5 

Medium 

NVD 

CVE-2022-48564 

6.5 

Medium 

NVD 

CVE-2021-3733 

6.5 

Medium 

NVD 

CVE-2016-5699 

6.1 

Medium 

NVD 

CVE-2016-1000110 

6.1 

Medium 

NVD 

CVE-2019-16935 

6.1 

Medium 

NVD 

CVE-2019-18348 

6.1 

Medium 

NVD 

CVE-2019-9740 

6.1 

Medium 

NVD 

CVE-2019-9947 

6.1 

Medium 

NVD 

CVE-2022-48566 

5.9 

Medium 

NVD 

CVE-2021-23336 

5.9 

Medium 

NVD 

CVE-2021-3426 

5.7 

Medium 

NVD 

CVE-2018-20852 

5.3 

Medium 

NVD 

CVE-2023-40217 

5.3 

Medium 

NVD 

CVE-2023-27043 

5.3 

Medium 

NVD 

CVE-2018-1000030 

3.6 

Low 

  

Affected Products / Affected Versions 

VEOS from 2019-B up to 2023-B 

Solution 

The provided script will uninstall the GCC 5.2 compiler from the system. 

The script must be executed after the installation of the basic software and after the installation of service packs and patches. If a recovery/repair is carried out, the components are automatically restored and the script must be executed again. 

Limitations 

By uninstalling the GNU Compiler Collection, it is no longer possible to create compilations for VEOS. In order to continue compiling code for VEOS, a newer version of the GNU Compiler Collection must be available on the system. 

  • veos_remove_gcc5.2.ps1.zip ZIP, 0.5 KB
Tags
Date 2024-01-09
Product VEOS
Information Type Notifications
Information Category Product Security, Troubleshooting
dSPACE Release 2023-B, 2023-A, 2022-B, 2022-A, 2021-B, 2021-A, 2020-B, 2020-A, 2019-B

Drive innovation forward. Always on the pulse of technology development.

Subscribe to our expert knowledge. Learn from our successful project examples. Keep up to date on simulation and validation. Subscribe to/manage dSPACE direct and aerospace & defense now.

Enable form call

At this point, an input form from Click Dimensions is integrated. This enables us to process your newsletter subscription. The form is currently hidden due to your privacy settings for our website.

External input form

By activating the input form, you consent to personal data being transmitted to Click Dimensions within the EU, in the USA, Canada or Australia. More on this in our privacy policy.