CVE-2018-12641

NameCVE-2018-12641
DescriptionAn issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_arm_hp_template, demangle_class_name, demangle_fund_type, do_type, do_arg, demangle_args, and demangle_nested_args. This can occur during execution of nm-new.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium

Notes

harmless crashes exposed by binutils, but underlying issue is in libiberty from GCC
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763099
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85452
https://sourceware.org/bugzilla/show_bug.cgi?id=23058
Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
binutils not covered by security support

Search for package or bug name: Reporting problems