CVE-2018-20712 - log back

CVE-2018-20712 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.
References
+ http://www.securityfocus.com/bid/106563
+ https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629
+ https://sourceware.org/bugzilla/show_bug.cgi?id=24043
Notes