Bug 2122627 (CVE-2021-3826) - CVE-2021-3826 libiberty: Heap/stack buffer overflow in the dlang_lname function in d-demangle.c
Summary: CVE-2021-3826 libiberty: Heap/stack buffer overflow in the dlang_lname functi...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2021-3826
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2132586 2132587 2132588 2132589 2132590 2132591 2132592 2132593 2132594 2132595 2132596 2132597 2132598 2132599 2132600 2132601 2132602 2132603 2149659
Blocks: 2122629
TreeView+ depends on / blocked
 
Reported: 2022-08-30 13:21 UTC by Pedro Sampaio
Modified: 2024-01-12 19:54 UTC (History)
39 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in Libiberty. A heap and stack buffer overflow found in the dlang_lname function in d-demangle.c leads to a denial of service.
Clone Of:
Environment:
Last Closed: 2023-05-23 16:41:59 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2023:3269 0 None None None 2023-05-23 11:27:12 UTC
Red Hat Product Errata RHSA-2023:6372 0 None None None 2023-11-07 08:14:50 UTC

Description Pedro Sampaio 2022-08-30 13:21:15 UTC
Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.

Upstream fix:

https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=5481040197402be6dfee265bd2ff5a4c88e30505

References:

https://gcc.gnu.org/pipermail/gcc-patches/2021-September/579985.html

Comment 1 Patrick Monnerat 2022-08-30 15:44:53 UTC
Thanks for the "heads-up"!
insight was already OK in Fedora>=36.
In F35, insight-13.0.50.20220502-1.fc35 fixes the problem: https://koji.fedoraproject.org/koji/buildinfo?buildID=2055285 currently testing pending.

Comment 2 Fedora Update System 2022-09-08 11:07:05 UTC
FEDORA-2022-8e1df11a7a has been pushed to the Fedora 35 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 4 Dhananjay Arunesh 2022-10-06 08:24:59 UTC
Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 2132594]


Created gcc tracking bugs for this issue:

Affects: fedora-all [bug 2132586]


Created gdb tracking bugs for this issue:

Affects: fedora-all [bug 2132595]


Created mingw-binutils tracking bugs for this issue:

Affects: fedora-all [bug 2132596]


Created mingw-gcc tracking bugs for this issue:

Affects: fedora-all [bug 2132587]


Created mingw-gdb tracking bugs for this issue:

Affects: fedora-all [bug 2132603]

Comment 7 errata-xmlrpc 2023-05-23 11:27:08 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7

Via RHSA-2023:3269 https://access.redhat.com/errata/RHSA-2023:3269

Comment 8 Product Security DevOps Team 2023-05-23 16:41:55 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-3826

Comment 9 errata-xmlrpc 2023-11-07 08:14:46 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:6372 https://access.redhat.com/errata/RHSA-2023:6372


Note You need to log in before you can comment on or make changes to this bug.