Libiberty
by GNU
CVEs (27)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-2226 | Hig | 0.54 | 7.8 | 0.07 | Feb 24, 2017 | Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow. | ||
| CVE-2018-12698 | Hig | 0.49 | 7.5 | 0.07 | Jun 23, 2018 | demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of… | ||
| CVE-2018-12697 | Hig | 0.49 | 7.5 | 0.05 | Jun 23, 2018 | A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. | ||
| CVE-2016-6131 | Hig | 0.49 | 7.5 | 0.05 | Feb 7, 2017 | The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types. | ||
| CVE-2018-9996 | Med | 0.36 | 5.5 | 0.01 | Apr 10, 2018 | An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and… | ||
| CVE-2018-9138 | Med | 0.36 | 5.5 | 0.01 | Mar 30, 2018 | An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type. | ||
| CVE-2017-13716 | Med | 0.36 | 5.5 | 0.01 | Aug 28, 2017 | The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File… | ||
| CVE-2016-4493 | Med | 0.36 | 5.5 | 0.02 | Feb 24, 2017 | The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary. | ||
| CVE-2016-4491 | Med | 0.36 | 5.5 | 0.02 | Feb 24, 2017 | The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once." | ||
| CVE-2016-4490 | Med | 0.36 | 5.5 | 0.02 | Feb 24, 2017 | Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths. | ||
| CVE-2016-4489 | Med | 0.36 | 5.5 | 0.02 | Feb 24, 2017 | Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables." | ||
| CVE-2016-4488 | Med | 0.36 | 5.5 | 0.02 | Feb 24, 2017 | Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec." | ||
| CVE-2016-4487 | Med | 0.36 | 5.5 | 0.02 | Feb 24, 2017 | Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec." | ||
| CVE-2016-4492 | Med | 0.29 | 4.4 | 0.02 | Feb 24, 2017 | Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary. | ||
| CVE-2021-32256 | 0.00 | — | 0.01 | Jul 18, 2023 | An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. | |||
| CVE-2021-3826 | 0.00 | — | 0.01 | Sep 1, 2022 | Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol. | |||
| CVE-2021-3530 | 0.00 | — | 0.02 | Jun 2, 2021 | A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash. | |||
| CVE-2019-14250 | 0.00 | — | 0.02 | Jul 24, 2019 | An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. | |||
| CVE-2019-9070 | 0.00 | — | 0.02 | Feb 24, 2019 | An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls. | |||
| CVE-2018-20712 | 0.00 | — | 0.03 | Jan 15, 2019 | A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt. |
- risk 0.54cvss 7.8epss 0.07
Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow.
- risk 0.49cvss 7.5epss 0.07
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of…
- risk 0.49cvss 7.5epss 0.05
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.
- risk 0.49cvss 7.5epss 0.05
The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and…
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.
- risk 0.36cvss 5.5epss 0.01
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File…
- risk 0.36cvss 5.5epss 0.02
The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary.
- risk 0.36cvss 5.5epss 0.02
The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once."
- risk 0.36cvss 5.5epss 0.02
Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths.
- risk 0.36cvss 5.5epss 0.02
Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables."
- risk 0.36cvss 5.5epss 0.02
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec."
- risk 0.36cvss 5.5epss 0.02
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec."
- risk 0.29cvss 4.4epss 0.02
Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary.
- CVE-2021-32256Jul 18, 2023risk 0.00cvss —epss 0.01
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.
- CVE-2021-3826Sep 1, 2022risk 0.00cvss —epss 0.01
Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.
- CVE-2021-3530Jun 2, 2021risk 0.00cvss —epss 0.02
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.
- CVE-2019-14250Jul 24, 2019risk 0.00cvss —epss 0.02
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.
- CVE-2019-9070Feb 24, 2019risk 0.00cvss —epss 0.02
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.
- CVE-2018-20712Jan 15, 2019risk 0.00cvss —epss 0.03
A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.
Page 1 of 2