Search CVE reports
1 – 10 of 29 results
CVE-2021-32256
Low priorityAn issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.
1 affected package
libiberty
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libiberty | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-3826
Low priorityHeap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.
51 affected packages
binutils, gcc-10, gcc-11, gcc-12, gcc-13...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
binutils | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-10 | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-11 | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
gcc-12 | Not affected | Not affected | Not in release | Ignored | Ignored |
gcc-13 | Not affected | Not in release | Not in release | Ignored | Ignored |
gcc-3.3 | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-4.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.7 | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.7-armel-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.7-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-4.8-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.8-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-4.9 | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-5 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-5-cross | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-6 | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-6-cross | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-6-cross-ports | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-7 | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-7-cross | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-7-cross-ports | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-8 | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-8-cross | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-8-cross-ports | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-9 | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-9-cross | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-9-cross-ports | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-arm-linux-androideabi | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-arm-none-eabi | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-avr | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armel-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-6 | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-h8300-hms | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-i686-linux-android | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-m68hc1x | Not in release | Not affected | Not affected | Not affected | Not affected |
gcc-mingw-w64 | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-msp430 | Not in release | Not affected | Not affected | Not affected | Not affected |
gcc-opt | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-snapshot | Not affected | Not affected | Not affected | Not affected | Not affected |
gdb | Not affected | Not affected | Not affected | Needs evaluation | Needs evaluation |
libiberty | Not affected | Vulnerable | Not affected | Not affected | Not affected |
CVE-2022-27943
Low prioritylibiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
52 affected packages
binutils, crash, gcc-10, gcc-11, gcc-12...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
binutils | Not affected | Vulnerable | Not affected | Not affected | Not affected |
crash | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-10 | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-11 | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
gcc-12 | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
gcc-13 | Not affected | Not in release | Not in release | Not in release | Not in release |
gcc-3.3 | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
gcc-4.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.7 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.7-armel-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.7-armhf-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-4.8-arm64-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8-armhf-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.9 | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-5 | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-5-cross | Not in release | Not in release | Not in release | Not affected | Not affected |
gcc-6 | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-6-cross | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-6-cross-ports | Not in release | Not in release | Not in release | Not affected | Not in release |
gcc-7 | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-7-cross | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-7-cross-ports | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-8 | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-8-cross | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
gcc-8-cross-ports | Not in release | Not in release | Not affected | Not affected | Not in release |
gcc-9 | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-9-cross | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-9-cross-ports | Not affected | Not affected | Not affected | Not in release | Not in release |
gcc-arm-linux-androideabi | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-arm-none-eabi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-avr | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-defaults | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armel-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-6 | Not in release | Not in release | Not in release | Not in release | Not affected |
gcc-h8300-hms | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-i686-linux-android | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-m68hc1x | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-mingw-w64 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-msp430 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-opt | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-snapshot | Not affected | Ignored | Ignored | Not affected | Not affected |
gdb | Not affected | Vulnerable | Not affected | Not affected | Not affected |
libiberty | Not affected | Vulnerable | Not affected | Not affected | Not affected |
CVE-2021-3530
Low prioritySome fixes available 1 of 6
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.
3 affected packages
binutils, gdb, libiberty
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
binutils | Not affected | Not affected | Not affected | Not affected | Not affected |
gdb | Not affected | Fixed | Not affected | Not affected | Not affected |
libiberty | Not affected | Vulnerable | Not affected | Not affected | Not affected |
CVE-2019-14250
Medium prioritySome fixes available 4 of 8
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer...
2 affected packages
binutils, libiberty
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
binutils | Not affected | Not affected | Not affected | Fixed | Fixed |
libiberty | Not affected | Not affected | Not affected | Fixed | Fixed |
CVE-2019-9071
Low prioritySome fixes available 4 of 9
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.
2 affected packages
binutils, libiberty
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
binutils | Not affected | Not affected | Not affected | Fixed | Fixed |
libiberty | Not affected | Not affected | Not affected | Fixed | Fixed |
CVE-2019-9070
Low prioritySome fixes available 4 of 9
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.
2 affected packages
binutils, libiberty
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
binutils | Not affected | Not affected | Not affected | Fixed | Fixed |
libiberty | Not affected | Not affected | Not affected | Fixed | Fixed |
CVE-2018-20712
Low priorityA heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as...
1 affected package
libiberty
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libiberty | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2018-18701
Low prioritySome fixes available 4 of 9
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual()...
2 affected packages
binutils, libiberty
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
binutils | Not affected | Not affected | Not affected | Fixed | Fixed |
libiberty | Not affected | Not affected | Not affected | Fixed | Fixed |
CVE-2018-18700
Low prioritySome fixes available 4 of 9
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(),...
2 affected packages
binutils, libiberty
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
binutils | Not affected | Not affected | Not affected | Fixed | Fixed |
libiberty | Not affected | Not affected | Not affected | Fixed | Fixed |