Bug 1668269 (CVE-2018-20712) - CVE-2018-20712 libiberty: heap-based buffer over-read in d_expression_1
Summary: CVE-2018-20712 libiberty: heap-based buffer over-read in d_expression_1
Status: NEW
Alias: CVE-2018-20712
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 1668270
Blocks: 1668272
TreeView+ depends on / blocked
Reported: 2019-01-22 10:40 UTC by Dhananjay Arunesh
Modified: 2019-09-29 15:05 UTC (History)
15 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed:

Attachments (Terms of Use)

Description Dhananjay Arunesh 2019-01-22 10:40:34 UTC
A heap-based buffer over-read exists in the function d_expression_1 in
cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted
input can cause segmentation faults, leading to denial-of-service.

Upstream Issue:

Comment 1 Dhananjay Arunesh 2019-01-22 10:40:50 UTC
Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 1668270]

Comment 2 Riccardo Schirone 2019-01-23 09:45:27 UTC
The flaw was introduced in binutils through commit af03af8f55f2536b6e20928e6b1fa0324a5f3d6e.

Note You need to log in before you can comment on or make changes to this bug.