VYPR
Unrated severityOSV Advisory· Published Oct 27, 2018· Updated Aug 5, 2024

CVE-2018-18701

CVE-2018-18701

Description

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.

Affected products

3
  • GNU/BinutilsOSV2 versions
    binutils-2_31, gdb-4_18-branchpoint, gdb-7.10-branchpoint, …+ 1 more
    • (no CPE)range: binutils-2_31, gdb-4_18-branchpoint, gdb-7.10-branchpoint, …
    • (no CPE)range: 2.31
  • GNU/Libibertyllm-fuzzy
    Range: in Binutils 2.31

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.