Do your applications use this vulnerable package?
Test your applications
Overview
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.
References
CVSS Score
7.5
low severity
-
Attack VectorNetwork
-
Attack ComplexityLow
-
Privileges RequiredNone
-
User InteractionNone
-
ScopeUnchanged
-
ConfidentialityNone
-
IntegrityNone
-
AvailabilityHigh
- CVE
- CVE-2018-12698
- Snyk ID
- SNYK-DEBIAN9-BINUTILS-403976
- Disclosed
- 23 Jun, 2018
- Published
- 23 Jun, 2018