Sign In

CVE-2018-18483

SOURCE - nist

Summary

The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.

EPSS Score: 0.00993 (0.835)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-190

Integer Overflow or Wraparound

SOURCE - redhat

CWE-190

Integer Overflow or Wraparound

CWE-400

Uncontrolled Resource Consumption

Sources (6)

Impacted images

debian

CREATED

UPDATED

SOURCE IDCVE-2018-18483
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow
PackageTypeOS NameOS VersionAffected RangesFix Versions
debian/binutilsdebdebian12>=2.40-2Not yet available
debian/binutilsdebdebian11>=2.35.2-2Not yet available
debian/binutilsdebdebian13>=2.42-4Not yet available
debian/binutilsdebdebianunstable>=2.42-4Not yet available
debian/binutilsdebdebian10>=2.31.1-16Not yet available

Severity and metrics

No CVSS data available from this source.

nist

CREATED

UPDATED

SOURCE IDCVE-2018-18483
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CWE-190

CVSS SCORE

7.8high

ubuntu

CREATED

UPDATED

SOURCE IDCVE-2018-18483
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.8low

redhat

CREATED

UPDATED

SOURCE IDCVE-2018-18483
EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-190CWE-400

CVSS SCORE

4.3low

suse

CREATED

UPDATED

SOURCE IDCVE-2018-18483
EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

4.3medium

inthewild

CREATED

UPDATED

SOURCE IDCVE-2018-18483
EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM SOURCE