PT-2018-3926 · Gnu+3 · Gnu Binutils+3

Published: 2018-04-11 · Updated: 2021-07-21 · CVE-2018-12934

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

GNU Binutils version 2.30

Description

The remember_Ktype function in the cplus-dem.c component of GNU Binutils allocates memory without an upper bound. A remote attacker can exploit this to cause a denial of service through excessive memory consumption. Exploitation can occur during the execution of cxxfilt.

Recommendations

For GNU Binutils version 2.30, consider restricting the use of the remember_Ktype function in cplus-dem.c to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the amount of memory available to the cxxfilt process to prevent excessive memory consumption. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

ALT-PU-2019-1204
ALT-PU-2019-1367
BDU:2023-03809
CVE-2018-12934
USN-4326-1
USN-4336-1
USN-4336-2

Affected Products

Alt Linux
Astra Linux
Gnu Binutils
Ubuntu