Sign In

CVE-2018-20673

ADVISORY - nist

Summary

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.

EPSS Score: 0.00119 (0.316)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-190

Integer Overflow or Wraparound

CWE-787

Out-of-bounds Write

ADVISORY - redhat

CWE-122

Heap-based Buffer Overflow

CWE-190

Integer Overflow or Wraparound

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2018-20673
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CWE-190CWE-787

CVSS SCORE

5.5medium

Debian

CREATED

UPDATED

ADVISORY IDCVE-2018-20673
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2018-20673
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.5low

Alma

CREATED

UPDATED

ADVISORY IDALSA-2021:4386
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2018-20673
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-122CWE-190

CVSS SCORE

5.3medium

Rocky

CREATED

UPDATED

ADVISORY IDRLSA-2021:4386
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

UPDATED

ADVISORY IDELSA-2021-4386
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

intheWild

CREATED

UPDATED

ADVISORY IDCVE-2018-20673
EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY