CVE-2017-13716

SOURCE - nist

Summary

The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).

EPSS Score⁠: 0.00075 (0.321)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-770⁠

Allocation of Resources Without Limits or Throttling

Sources (4)

Impacted images

debian

CREATED

7 years ago

UPDATED

2 months ago

SOURCE IDCVE-2017-13716⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
debian/binutils	deb	debian	12	>=2.40-2	Not yet available
debian/binutils	deb	debian	13	>=2.42-4	Not yet available
debian/binutils	deb	debian	11	>=2.35.2-2	Not yet available
debian/binutils	deb	debian	unstable	>=2.42-4	Not yet available
debian/binutils	deb	debian	10	>=2.31.1-16	Not yet available

Severity and metrics

No CVSS data available from this source.

nist

CREATED

7 years ago

UPDATED

5 years ago

SOURCE IDCVE-2017-13716⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

5.5medium

ubuntu

CREATED

7 years ago

UPDATED

21 days ago

SOURCE IDCVE-2017-13716⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.5low

redhat

CREATED

7 years ago

UPDATED

10 months ago

SOURCE IDCVE-2017-13716⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

3.3low