CVE-2018-18701 — Infinite Loop in Binutils
Severity
5.5MEDIUMNVD
EPSS
0.3%
top 43.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 29
Latest updateMay 13
Description
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages2 packages
🔴Vulnerability Details
3📋Vendor Advisories
5💬Community
4Bugzilla▶
CVE-2018-18701 binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c↗2018-11-05
Bugzilla▶
CVE-2018-18701 mingw-binutils: binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c [epel-all]↗2018-11-05
Bugzilla▶
CVE-2018-18701 binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c [fedora-all]↗2018-11-05
Bugzilla▶
CVE-2018-17794 binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input↗2018-10-02