Unrated severityNVD Advisory· Published Mar 26, 2022· Updated Aug 3, 2024
CVE-2022-27943
CVE-2022-27943
Description
GNU GCC 11.2 libiberty's rust-demangle.c has a stack consumption vulnerability in demangle_const, exploitable via crafted input leading to denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
GNU GCC 11.2 libiberty's rust-demangle.c has a stack consumption vulnerability in demangle_const, exploitable via crafted input leading to denial of service.
Vulnerability
In GNU GCC 11.2, the file libiberty/rust-demangle.c contains a stack consumption vulnerability in the demangle_const function. This can be triggered by processing a crafted input, as demonstrated by the nm-new utility.
Exploitation
An attacker can exploit this vulnerability by providing a specially crafted binary or symbol name that causes demangle_const to consume excessive stack space. The nm-new tool, which uses libiberty's demangling routines, is a known vector. No authentication is required if the attacker can supply the input to the tool.
Impact
Successful exploitation leads to stack exhaustion, resulting in a denial of service (DoS) condition. The tool may crash or become unresponsive.
Mitigation
No patch or fixed version has been disclosed in the available references. Users should monitor GNU GCC updates for a fix. As a workaround, avoid processing untrusted input with tools that rely on the vulnerable demangling code.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
79- osv-coords77 versionspkg:rpm/opensuse/binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/binutils&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/cross-aarch64-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-aarch64-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-arm-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-arm-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-avr-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-avr-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-epiphany-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-epiphany-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-hppa64-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-hppa64-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-hppa-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-hppa-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-i386-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-i386-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-ia64-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-ia64-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-m68k-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-m68k-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-mips-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-mips-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-ppc64-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-ppc64-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-ppc64le-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-ppc64le-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-ppc-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-ppc-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-riscv64-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-riscv64-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-rx-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-rx-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-s390-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-s390-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-s390x-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-s390x-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-sparc64-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-sparc64-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-sparc-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-sparc-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-spu-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-spu-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/cross-x86_64-binutils&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cross-x86_64-binutils&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/binutils&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/binutils&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/binutils&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/binutils&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/binutils&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/binutils&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/binutils&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/cross-ppc-binutils&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/cross-spu-binutils&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 2.39-150100.7.40.1+ 76 more
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-2.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-9.50.1
- (no CPE)range: < 2.39-9.50.1
- (no CPE)range: < 2.39-9.50.1
- (no CPE)range: < 2.39-9.50.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-9.50.1
- (no CPE)range: < 2.39-9.50.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-9.50.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-150100.7.40.1
- (no CPE)range: < 2.39-9.50.1
- (no CPE)range: < 2.39-9.50.1
- (no CPE)range: < 2.39-9.50.1
- (no CPE)range: < 2.39-9.50.1
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
3News mentions
0No linked articles in our index yet.