PT-2018-2451 · Gnu+2 · Gnu Binutils+2

慕冬亮

Publicado

2018-03-02

Atualizado

2026-04-20

CVE-2018-9996

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.30

Description The issue is related to stack exhaustion in the C++ demangling functions provided by libiberty, specifically in the demangle template value parm, demangle integral value, and demangle expression functions. This can lead to a denial of service.

Recommendations For GNU Binutils version 2.30, consider updating to a newer version that addresses this issue. As a temporary workaround, restrict the use of the demangling functions to minimize the risk of exploitation.

Exploit

Correção

Uncontrolled Recursion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-674CWE-399

Identificadores relacionados

ALT-PU-2019-1204

ALT-PU-2019-1367

BDU:2019-00673

CVE-2018-9996

ECHO-536F-33FE-97EE

Produtos afetados

Alt Linux

Debian

Gnu Binutils

PT-2018-2451 · Gnu+2 · Gnu Binutils+2

CVE-2018-9996

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9