A vulnerability was found in libiberty when demangling some specific mangled functions. A particularly malicious attacker could craft an executable that executes when *analysed* by objdump, nm or gdb, or any other libiberty-based forensics tool (if the demangling option is switched on). External references: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69687 References: http://seclists.org/oss-sec/2016/q2/238 Upstream fix: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=234829
Created msp430-gcc tracking bugs for this issue: Affects: fedora-all [bug 1333388]
Created mingw-gcc tracking bugs for this issue: Affects: epel-all [bug 1333389]
Statement: Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.