cbcvebase.
CVE-2021-3530
published 2021-06-02

CVE-2021-3530: A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack…

high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianbinutils< binutils 2.37.90.20220207-1 (bookworm)binutils 2.37.90.20220207-1 (bookworm)
gnubinutils
gnubinutils
gnubinutils>= 0 < 2.37.90.20220207-12.37.90.20220207-1
gnubinutils>= 0 < 2.37.90.20220207-12.37.90.20220207-1
gnubinutils>= 0 < 2.37.90.20220207-12.37.90.20220207-1

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH