CVE-2018-12641
binutils: Stack Exhaustion in the demangling functions provided by libiberty
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_arm_hp_template, demangle_class_name, demangle_fund_type, do_type, do_arg, demangle_args, and demangle_nested_args. This can occur during execution of nm-new.
Se ha descubierto un problema en arm_pt en cplus-dem.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.30. La pila se agota en las funciones demangling en C++ proporcionadas por libiberty y hay tramas de pila recursivas: demangle_arm_hp_template, demangle_class_name, demangle_fund_type, do_type, do_arg, demangle_args y demangle_nested_args. Esto puede ocurrir durante la ejecuciĆ³n de nm-new.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-06-22 CVE Reserved
- 2018-06-22 CVE Published
- 2023-06-16 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763099 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://sourceware.org/bugzilla/show_bug.cgi?id=23058 | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2019:2075 | 2019-10-03 | |
| https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85452 | 2019-10-03 | |
| https://security.gentoo.org/glsa/201908-01 | 2019-10-03 | |
| https://usn.ubuntu.com/4326-1 | 2019-10-03 | |
| https://usn.ubuntu.com/4336-1 | 2019-10-03 | |
| https://access.redhat.com/security/cve/CVE-2018-12641 | 2019-08-06 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1594410 | 2019-08-06 |