Launchpad.net

CVE 2006-1902

fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.NOTE: the vendor states that the essence of the issue is "not correctly interpreting an offset to a pointer as a signed value."

Related bugs and status

CVE-2006-1902 (Candidate) is related to these bugs:

Bug #121834: wrong package name (x86_64) when cross compiling make ftbfs

Summary				In	Importance	Status
	121834	wrong package name (x86_64) when cross compiling make ftbfs		gcc-4.1 (Ubuntu)	Undecided	Fix Released
	121834	wrong package name (x86_64) when cross compiling make ftbfs		gcc-4.2 (Ubuntu)	Undecided	Fix Released

Bug #1351227: libwebp ftbfs on arm64

		In	Importance	Status
1351227	libwebp ftbfs on arm64	libwebp (Ubuntu)	High	Fix Released
1351227	libwebp ftbfs on arm64	gcc-4.9 (Ubuntu)	High	Fix Released
1351227	libwebp ftbfs on arm64	gcc	Wishlist	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2006-1902

Related bugs and status

Related bugs

References