Libiberty Security Vulnerabilities and Issues — Libiberty CVE List

GnuLibiberty

10 matches found

CVE•added 2017/02/24 8:0 p.m.•117 views

CVE-2016-4487

Technical details for CVE-2016-4487 are not publicly provided in the connected documents. The initial description notes a use-after-free in libiberty, but no vendor/product specifics or remediation are present here. Monitor for updates.

5.5CVSS5.8AI score0.01672EPSS

CVE•added 2017/02/24 8:0 p.m.•105 views

CVE-2016-4489

CVE-2016-4489 : Integer overflow in gnu_special in libiberty (demangling of virtual tables) can cause a remote crash/segmentation fault when processing a crafted binary, per the description. The entry ties the issue to GCC/libiberty’s demangler behavior and notes potential denial of service via c...

5.5CVSS6AI score0.01728EPSS

CVE•added 2017/02/24 8:0 p.m.•104 views

CVE-2016-4490

CVE-2016-4490 affects the GNU Compiler Collection (GCC). It is caused by a write access violation in cp-demangle.c (libiberty) that could allow a remote attacker to execute arbitrary code. The provided documents do not include a remediation or fixed version; consult GCC/security advisories for av...

5.5CVSS6AI score0.01824EPSS

CVE•added 2017/02/24 8:0 p.m.•101 views

CVE-2016-4493

CVE-2016-4493 : GNU Compiler Collection (GCC) / libiberty is vulnerable due to an out-of-bounds read in the demangler paths implemented by cplus-dem.c (functions demangle_template_value_parm and do_hpacc_template_literal). A crafted binary could trigger a denial of service (crash) by exploiting t...

5.5CVSS5.8AI score0.01615EPSS

CVE•added 2017/02/24 8:0 p.m.•100 views

CVE-2016-2226

CVE-2016-2226 is supported by a connected document: it details an integer overflow in the string demangling path of libiberty (cplus-dem.c) used by GCC, enabling remote code execution through crafted inputs that trigger a buffer overflow. The IBM bulletin context shows affected product scope as C...

7.8CVSS8AI score0.07267EPSS

CVE•added 2017/02/24 8:0 p.m.•100 views

CVE-2016-4488

CVE-2016-4488 is a use-after-free vulnerability in libiberty (GCC’s libiberty demangler path via ktypevec) that could allow remote denial of service (crash) when processing crafted binaries. The initial document does not specify a vendor-specific fix or version, only noting the underlying compone...

5.5CVSS5.8AI score0.0168EPSS

CVE•added 2017/02/24 8:0 p.m.•96 views

CVE-2016-4492

Technical details for CVE-2016-4492 are not provided in the supplied documents; public details appear limited to the initial description. Monitor for updates.

4.4CVSS5.6AI score0.01915EPSS

CVE•added 2017/02/07 3:0 p.m.•90 views

CVE-2016-6131

CVE-2016-6131 affects the GNU Binutils libiberty demangler. The vulnerability arises from a cycle in the references of remembered mangled types, enabling a remote attacker to cause a denial of service via an infinite loop, stack overflow, or crash. The issue is tied to the demangler in libiberty ...

7.5CVSS7AI score0.04619EPSS

CVE•added 2017/02/24 8:0 p.m.•79 views

CVE-2016-4491

CVE-2016-4491 : The connected record confirms a vulnerability in GNU Compiler Collection (GCC) involving the libiberty demangler. It is a stack-based buffer overflow caused by an infinite recursion in d_print_comp, which could enable a crash or denial of service when processing a crafted input. T...

5.5CVSS6AI score0.0178EPSS

CVE•added 2012/09/05 11:0 p.m.•71 views

CVE-2012-3509

CVE-2012-3509 concerns multiple integer overflows in GNU binutils’ libiberty and related code paths (objalloc_alloc and CHUNK_HEADER_SIZE usage) that can trigger a heap-based buffer overflow when processing untrusted inputs. The vendor-adopted description in the connected records confirms the imp...

5CVSS8.8AI score0.03602EPSS