CVE-2018-20657

NameCVE-2018-20657
DescriptionThe demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium

Notes

Short-lived, small  memleak, not considered a real bug by upstream
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539

Search for package or bug name: Reporting problems