CVE-2018-18484 — Uncontrolled Recursion in Binutils
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 60.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 18
Latest updateMay 13
Description
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages2 packages
🔴Vulnerability Details
3📋Vendor Advisories
5Debian▶
CVE-2018-18484: binutils - An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU...↗2018
💬Community
6Bugzilla▶
CVE-2018-18484 binutils: Stack exhaustion in cp-demangle.c allows for denial of service [fedora-all]↗2018-11-05
Bugzilla
▶
Bugzilla▶
CVE-2018-18484 mingw-binutils: binutils: Stack exhaustion in cp-demangle.c allows for denial of service [epel-all]↗2018-11-05
Bugzilla▶
CVE-2018-18701 binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c↗2018-11-05
Bugzilla▶
CVE-2018-18700 binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c↗2018-11-05