CVE-2018-12698

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.30

Description The issue is related to the demangle template function in the cplus-dem.c component of GNU Binutils, which is associated with uncontrolled resource consumption. This allows a remote attacker to cause a denial of service. The vulnerability can be triggered during the execution of objdump, leading to excessive memory consumption, also known as an out-of-memory (OOM) condition, when creating an array for saving template argument values during the XNEWVEC call.

Recommendations For GNU Binutils version 2.30, consider disabling the demangle template function in cplus-dem.c as a temporary workaround to minimize the risk of exploitation. Restrict access to the objdump execution to reduce the likelihood of triggering the excessive memory consumption.