CVE-2021-46195
gcc: uncontrolled recursion in libiberty/rust-demangle.c
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.
Se ha detectado que GCC versión v12.0, contiene una recursión no controlada por medio del componente libiberty/rust-demangle.c. Esta vulnerabilidad permite a atacantes causar una denegación de servicio (DoS) al consumir excesivos recursos de CPU y memoria
A flaw was discovered in the GNU libiberty library within the demangle_path() function in rust-demangle.c, as distributed in the GNU Compiler Collection (GCC). This flaw allows a crafted symbol to cause stack memory to be exhausted, leading to a crash.
The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-01-10 CVE Reserved
- 2022-01-14 CVE Published
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-674: Uncontrolled Recursion
CAPEC
References (3)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103841 | 2024-08-04 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2021-46195 | 2022-11-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2046300 | 2022-11-15 |