7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
50.3%
binutils is vulnerable to Denial Of Service (DoS). The vulnerability exists in dlang_lname
function in d-demangle.c
due to heap/stack buffer overflow which allows an attacker to cause an application crash via a malicious mangled symbol.
gcc.gnu.org/git/?p=gcc.git%3Ba=commit%3Bh=5481040197402be6dfee265bd2ff5a4c88e30505
gcc.gnu.org/git/?p=gcc.git;a=commit;h=5481040197402be6dfee265bd2ff5a4c88e30505
gcc.gnu.org/pipermail/gcc-patches/2021-September/579987
github.com/advisories/GHSA-88rg-m78j-x8xw
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4MYLS3VR4OPL5ECRWOR4ZHMGXUSCJFZY/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AXFC74WRZ2Q7F2TSUKPYNIL7ZPBWYI6L/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/
lists.fedoraproject.org/archives/list/[email protected]/message/4MYLS3VR4OPL5ECRWOR4ZHMGXUSCJFZY/
lists.fedoraproject.org/archives/list/[email protected]/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/
lists.fedoraproject.org/archives/list/[email protected]/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ/
lists.fedoraproject.org/archives/list/[email protected]/message/AXFC74WRZ2Q7F2TSUKPYNIL7ZPBWYI6L/
lists.fedoraproject.org/archives/list/[email protected]/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/
security-tracker.debian.org/tracker/CVE-2021-3826