Bug 2046300 (CVE-2021-46195)
Summary: | CVE-2021-46195 gcc: uncontrolled recursion in libiberty/rust-demangle.c | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Mauro Matteo Cascella <mcascell> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | ahajkova, ailan, aoliva, dmalcolm, erik-fedora, fweimer, jakub, jwakely, klember, ktietz, law, manisandro, mcermak, mnewsome, mpolacek, mprchlik, msebor, nickc, ohudlick, rjones, sipoyare, virt-maint |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A flaw was discovered in the GNU libiberty library within the demangle_path() function in rust-demangle.c, as distributed in the GNU Compiler Collection (GCC). This flaw allows a crafted symbol to cause stack memory to be exhausted, leading to a crash.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2022-12-05 02:23:37 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2054887, 2054888, 2054889, 2054890, 2055050, 2055051 | ||
Bug Blocks: | 2046209 |
Description
Mauro Matteo Cascella
2022-01-26 14:36:14 UTC
Note - a patch to fix this bug has been proposed here: https://gcc.gnu.org/pipermail/gcc-patches/2022-January/589277.html Also note that although this CVE refers to GCC, the problem also affects the Binutils packages. The severity of the CVE might be to high however. The problem is only triggered when deliberately corrupt input is passed to a tool that attempts to demangle symbol names. Normal users should never encounter this problem. Sorry, I meant ..."might be too high"... Thanks Nick, I lowered the severity of the flaw as per your previous comment. Upstream commit: https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=f10bec5ffa487ad3033ed5f38cfd0fc7d696deab Created gcc tracking bugs for this issue: Affects: fedora-all [bug 2054887] Created mingw-gcc tracking bugs for this issue: Affects: fedora-all [bug 2054888] This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:8415 https://access.redhat.com/errata/RHSA-2022:8415 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-46195 |