A heap-based buffer over-read exists in the function...
Moderate severity
Unreviewed
Published
May 13, 2022
to the GitHub Advisory Database
•
Updated Feb 2, 2023
Description
Published by the National Vulnerability Database
Jan 15, 2019
Published to the GitHub Advisory Database
May 13, 2022
Last updated
Feb 2, 2023
A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.
References