Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2018-20712 - log back

CVE-2018-20712 created at 25 Sep 2019 19:31:40

Severity

+

Medium

Remote

+

Remote

Type

+	Denial of service

Description

+	A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.

References

+	http://www.securityfocus.com/bid/106563
+	https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629
+	https://sourceware.org/bugzilla/show_bug.cgi?id=24043

Notes