VYPR

Libiberty

by GNU

CVEs (27)

  • CVE-2018-20673Jan 4, 2019
    risk 0.00cvss epss 0.02

    The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.

  • CVE-2018-20657Jan 2, 2019
    risk 0.00cvss epss 0.04

    The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.

  • CVE-2018-18700Oct 27, 2018
    risk 0.00cvss epss 0.02

    An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could…

  • CVE-2018-18701Oct 27, 2018
    risk 0.00cvss epss 0.02

    An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could…

  • CVE-2018-18483Oct 18, 2018
    risk 0.00cvss epss 0.02

    The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string,…

  • CVE-2018-18484Oct 18, 2018
    risk 0.00cvss epss 0.02

    An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type,…

  • CVE-2012-3509Sep 5, 2012
    risk 0.00cvss epss 0.04

    Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of…

Page 2 of 2