CVE-2018-20673 — Integer Overflow or Wraparound in Binutils

CWE-190 — Integer Overflow or Wraparound CWE-787 — Out-of-bounds Write17 documents7 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 73.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Binutils

Timeline

PublishedJan 4

Latest updateMay 13

Description

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

▶NVDgnu/binutils2.31.1

🔴Vulnerability Details

GHSA

GHSA-jx5v-cp2v-88f2: The demangle_template function in cplus-dem↗2022-05-13

▶

OSV

CVE-2018-20673: The demangle_template function in cplus-dem↗2019-01-04

▶

CVEList

CVE-2018-20673: The demangle_template function in cplus-dem↗2019-01-04

▶

📋Vendor Advisories

Red Hat

libiberty: Integer overflow in demangle_template() function↗2018-12-27

▶

Debian

CVE-2018-20673: binutils - The demangle_template function in cplus-dem.c in GNU libiberty, as distributed i...↗2018

▶

💬Community

Bugzilla

CVE-2018-20673 avr-binutils: libiberty: Integer overflow in demangle_template() function [fedora-all]↗2019-01-14

▶

Bugzilla

CVE-2018-20673 gcc: libiberty: Integer overflow in demangle_template() function [fedora-all]↗2019-01-14

▶

Bugzilla

CVE-2018-20673 gccxml: libiberty: Integer overflow in demangle_template() function [fedora-all]↗2019-01-14

▶

Bugzilla

CVE-2018-20673 gdb: libiberty: Integer overflow in demangle_template() function [fedora-all]↗2019-01-14

▶

Bugzilla

CVE-2018-20673 sdcc: libiberty: Integer overflow in demangle_template() function [fedora-all]↗2019-01-14

▶