PT-2022-10702 · Libiberty+4 · Libiberty+4

Luís Ferreira

Published

2021-09-22

Updated

2024-09-03

CVE-2021-3826

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libiberty (affected versions not specified)

Description The issue is related to a heap/stack buffer overflow in the dlang lname function in d-demangle.c, which can potentially cause a denial of service, leading to a segmentation fault and crash. This can be achieved via a crafted mangled symbol.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

ALSA-2023:6372

CVE-2021-3826

MGASA-2022-0425

OPENSUSE-SU-2022_4146-1

OPENSUSE-SU-2024:12631-1

RHSA-2023:3269

RHSA-2023:6372

RHSA-2023_6372

SUSE-SU-2022:4146-1

SUSE-SU-2022:4277-1

Affected Products

Almalinux

Debian

Red Hat

Suse

Libiberty

PT-2022-10702 · Libiberty+4 · Libiberty+4

CVE-2021-3826

Weakness Enumeration

Related Identifiers

Affected Products

References · 59