Improper Input Validation in binutils

Do your applications use this vulnerable package? Test your applications

Overview

The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.

References

Debian Security Tracker
OSS security Advisory
OSS security Advisory
Security Focus
Ubuntu CVE Tracker
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71696
https://gcc.gnu.org/ml/gcc-patches/2016-06/msg02030.html

Attack Vector

Network
Attack Complexity

Low
Privileges Required

None
User Interaction

None
Scope

Unchanged
Confidentiality

None
Integrity

None
Availability

High

CVE: CVE-2016-6131
CWE: CWE-20
Snyk ID: SNYK-DEBIAN8-BINUTILS-404169
Disclosed: 07 Feb, 2017
Published: 07 Feb, 2017

Improper Input Validation
Affecting binutils package, versions *

Overview

References

CVSS Score

Improper Input Validation Affecting binutils package, versions *

Overview

References

Improper Input Validation
Affecting binutils package, versions *