Unrated severityOSV Advisory· Published Jan 4, 2019· Updated Aug 5, 2024
CVE-2018-20673
CVE-2018-20673
Description
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.
Affected products
15- osv-coords12 versionspkg:rpm/almalinux/cpppkg:rpm/almalinux/gccpkg:rpm/almalinux/gcc-c%2B%2Bpkg:rpm/almalinux/gcc-gdb-pluginpkg:rpm/almalinux/gcc-gfortranpkg:rpm/almalinux/gcc-offload-nvptxpkg:rpm/almalinux/gcc-plugin-develpkg:rpm/almalinux/libitm-develpkg:rpm/almalinux/libquadmath-develpkg:rpm/almalinux/libstdc%2B%2B-develpkg:rpm/almalinux/libstdc%2B%2B-docspkg:rpm/almalinux/libstdc%2B%2B-static
< 8.5.0-3.el8.alma+ 11 more
- (no CPE)range: < 8.5.0-3.el8.alma
- (no CPE)range: < 8.5.0-3.el8.alma
- (no CPE)range: < 8.5.0-3.el8.alma
- (no CPE)range: < 8.5.0-3.el8.alma
- (no CPE)range: < 8.5.0-3.el8.alma
- (no CPE)range: < 8.5.0-3.el8.alma
- (no CPE)range: < 8.5.0-3.el8.alma
- (no CPE)range: < 8.5.0-3.el8.alma
- (no CPE)range: < 8.5.0-3.el8.alma
- (no CPE)range: < 8.5.0-3.el8.alma
- (no CPE)range: < 8.5.0-3.el8.alma
- (no CPE)range: < 8.5.0-3.el8.alma
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/106454mitrevdb-entryx_refsource_BID
- sourceware.org/bugzilla/show_bug.cgimitrex_refsource_MISC
News mentions
0No linked articles in our index yet.