ID CVE-2018-12698
Summary demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:binutils:2.30:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:binutils:2.30:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04.4:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04.4:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 104539
gentoo GLSA-201908-01
misc
ubuntu
  • USN-4326-1
  • USN-4336-1
Last major update 03-10-2019 - 00:03
Published 23-06-2018 - 23:29
Last modified 03-10-2019 - 00:03
Back to Top