CVE-2021-46195

Severity: 5.5 MEDIUM
EPSS: 0.1% (top 77.59%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Jan 14
Latest update: Jan 15

Description

GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (2 packages)

Debian: binutils < 2.37.90.20220207-1+2
NVD: gnu/gcc 12.0

🔴 Vulnerability Details (3)

GHSA: GHSA-gr6j-4vhj-c665: GCC v12 (2022-01-15)
OSV: CVE-2021-46195: GCC v12 (2022-01-14)
CVEList: CVE-2021-46195: GCC v12 (2022-01-14)

📋 Vendor Advisories (2)

Red Hat: gcc: uncontrolled recursion in libiberty/rust-demangle.c (2021-01-29)
Debian: CVE-2021-46195: binutils - GCC v12.0 was discovered to contain an uncontrolled recursion via the component ... (2021)
CVE-2021-46195 (MEDIUM CVSS 5.5) | GCC v12.0 was discovered to contain | cvebase.io