The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).
Allocation of Resources Without Limits or Throttling
-
Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
---|---|---|---|---|---|
debian/binutils | deb | debian | 12 | >=2.40-2 | Not yet available |
debian/binutils | deb | debian | 13 | >=2.42-4 | Not yet available |
debian/binutils | deb | debian | 11 | >=2.35.2-2 | Not yet available |
debian/binutils | deb | debian | unstable | >=2.42-4 | Not yet available |
debian/binutils | deb | debian | 10 | >=2.31.1-16 | Not yet available |
Severity and metrics
No CVSS data available from this source.
1.8
1.8
1.8