Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-12698

demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.

Related bugs and status

CVE-2018-12698 (Candidate) is related to these bugs:

Bug #1763102: Multiple memory corruptions in objdump (binuitils-2.30-15ubuntu1)

Summary				In	Importance	Status
	1763102	Multiple memory corruptions in objdump (binuitils-2.30-15ubuntu1)		binutils (Ubuntu)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugs.launchpad...
MISC: https://gcc.gnu.org/bu...
MISC: https://sourceware.org...
BID: 104539
GENTOO: GLSA-201908-01
UBUNTU: USN-4326-1
UBUNTU: USN-4336-1