462 matches found
SUSE CVE-2018-12641
An issue was discovered in armpt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demanglearmhptemplate, demangleclassname, demanglefundtype, dotype, doarg,...
SUSE CVE-2018-12698
demangletemplate in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption aka OOM during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump...
SUSE CVE-2018-12934
rememberKtype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption aka OOM. This can occur during execution of cxxfilt...
SUSE CVE-2018-17794
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in workstuffcopytofrom when called from iteratedemanglefunction...
SUSE CVE-2018-17985
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplusdemangletype function making recursive calls to itself in certain scenarios involving many 'P' characters...
SUSE CVE-2018-18483
The getcount function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service malloc called with the result of an integer-overflowing calculation or possibly have unspecified other impact via a crafted string, as demonstrated by...
SUSE CVE-2018-18484
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplusdemangletype, dbarefunctiontype,...
SUSE CVE-2018-18701
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions nextistypequal and cplusdemangletype in cp-demangle.c. Remote attackers could leverage this vulnerability t...
SUSE CVE-2018-18700
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could leverage this vulnerability to...
SUSE CVE-2018-20657
The demangletemplate function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service memory consumption, as demonstrated by cxxfilt, a related issue to CVE-2018-12698...
SUSE CVE-2018-20673
The demangletemplate function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability for "Create an array for saving the template argument values" that can trigger a heap-based buffer overflow, as demonstrated by nm...
SUSE CVE-2018-20712
A heap-based buffer over-read exists in the function dexpression1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt...
SUSE CVE-2019-9070
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in dexpression1 in cp-demangle.c after many recursive calls...
SUSE CVE-2019-9071
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in dcounttemplatesscopes in cp-demangle.c after many recursive calls...
SUSE CVE-2019-14250
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simpleobjectelfmatch in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow...
SUSE CVE-2021-3530
A flaw was discovered in GNU libiberty within demanglepath in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash...
SUSE CVE-2021-46195
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service DoS by consuming excessive CPU and memory resources...
SUSE CVE-2022-27943
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangleconst, as demonstrated by nm-new...
Fedora 36 : mingw-gcc (2022-c9a1fd5370)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-c9a1fd5370 advisory. Backport fixes for CVE-2021-3826 and CVE-2022-27943. Tenable has extracted the preceding description block directly from the Fedora security advisor...
SUSE SLES12: binutils / binutils-devel / binutils-gold / cross-ppc-binutils / etc (SUSE-SU-2022:4277-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4277-1 advisory. The following security bugs were fixed: - CVE-2019-1010204: Fixed out-of-bounds read in elfcpp/elfcppfile.h bsc1142579. -...