CVE-2018-18701

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.

Published : 2018-10-29 12:29 Updated : 2019-10-03 00:03

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Gnu Binutils 2.31 cpe:/a:gnu:binutils:2.31
  1. Gnu (1) Search CVE
    1. Binutils (1) Search CVE
      1. 2.31

CWE

ID Name Description Links
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop') The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. CVE

History of changes

Date Event
2019-10-03 00:03
2018-12-10 17:14
2018-10-29 12:29

New CVE