A heap-based buffer over-read exists in the function d_expression_1 in
cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted
input can cause segmentation faults, leading to denial-of-service.
Created binutils tracking bugs for this issue:
Affects: fedora-all [bug 1668270]
The flaw was introduced in binutils through commit af03af8f55f2536b6e20928e6b1fa0324a5f3d6e.