CVE-2016-4490 — Integer Overflow or Wraparound in Binutils

CWE-190 — Integer Overflow or Wraparound14 documents8 sources
Severity
5.5MEDIUMNVD
EPSS
0.6%
top 30.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Binutils
Timeline
PublishedFeb 24
Latest updateMay 17

Description

Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

â–¶Debiangnu/binutils< 2.27.51.20161102-1+3

🔴Vulnerability Details

4
GHSA
GHSA-qhpq-8fgc-6f72: Integer overflow in cp-demangle↗2022-05-17
â–¶
OSV
valgrind vulnerabilities↗2017-06-21
â–¶
OSV
CVE-2016-4490: Integer overflow in cp-demangle↗2017-02-24
â–¶
CVEList
CVE-2016-4490: Integer overflow in cp-demangle↗2017-02-24
â–¶

📋Vendor Advisories

6
Ubuntu
GNU binutils vulnerabilities↗2021-07-21
â–¶
Ubuntu
gdb vulnerabilities↗2017-07-26
â–¶
Ubuntu
libiberty vulnerabilities↗2017-07-26
â–¶
Ubuntu
Valgrind vulnerabilities↗2017-06-21
â–¶
Red Hat
gcc: Write access violation↗2016-04-01
â–¶

💬Community

3
Bugzilla
CVE-2016-2226 CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490 CVE-2016-4491 CVE-2016-4492 CVE-2016-4493 mingw-gcc: various flaws [epel-all]↗2016-05-05
â–¶
Bugzilla
CVE-2016-2226 CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490 CVE-2016-4491 CVE-2016-4492 CVE-2016-4493 msp430-gcc: various flaws [fedora-all]↗2016-05-05
â–¶
Bugzilla
CVE-2016-4490 gcc: Write access violation↗2016-05-05
â–¶
CVE-2016-4490 — Integer Overflow or Wraparound | cvebase