Your submission was sent successfully! Close

CVE-2018-18701

Published: 29 October 2018

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.

Notes

AuthorNote
mdeslaur 
same commit as CVE-2018-12697 to CVE-2018-12700
Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
binutils
Launchpad, Ubuntu, Debian 		bionic
Released (2.30-21ubuntu1~18.04.3)
cosmic Ignored
(reached end-of-life)
disco Not vulnerable
(2.32-7ubuntu4)
eoan Not vulnerable
(2.32-8ubuntu1)
focal Not vulnerable
(2.32-8ubuntu1)
groovy Not vulnerable
(2.32-8ubuntu1)
hirsute Not vulnerable
(2.32-8ubuntu1)
impish Not vulnerable
(2.32-8ubuntu1)
jammy Not vulnerable
(2.32-8ubuntu1)
kinetic Not vulnerable
(2.32-8ubuntu1)
precise Ignored
(end of ESM support, was needs-triage)
trusty Needs triage

upstream Needs triage

xenial
Released (2.26.1-1ubuntu1~16.04.8+esm1)
Patches:
upstream: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9

libiberty
Launchpad, Ubuntu, Debian 		artful Ignored
(reached end-of-life)
bionic
Released (20170913-1ubuntu0.1)
cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Not vulnerable
(20190122-1)
focal Not vulnerable
(20190122-1)
groovy Not vulnerable
(20190122-1)
hirsute Not vulnerable
(20190122-1)
impish Not vulnerable
(20190122-1)
jammy Not vulnerable
(20190122-1)
kinetic Not vulnerable
(20190122-1)
precise Does not exist

trusty Does not exist

upstream
Released (20190122-1)
xenial
Released (20160215-1ubuntu0.3)
Patches:

upstream: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=266886

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading