Adhokshaj Mishra

Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.29 Description: The issue is related to the C++ symbol demangler routine in cplus-dem.c, which allows remote attackers to cause a denial of service through excessive memory allocation and application crash via a crafted file. This can be triggered by a call from the Binary File Descriptor (BFD) library. The vulnerability is associated with unlimited memory allocation. Recommendations: For GNU Binutils version 2.29, consider updating to a newer version to mitigate the risk of excessive memory allocation and application crash. As a temporary workaround, restrict the use of crafted files that could trigger the denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.