Published: 24/02/2017 Updated: 28/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The d_print_comp function in cp-demangle.c in libiberty allows remote malicious users to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once."

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu libiberty

Several security issues were fixed in gdb ...

Several security issues were fixed in libiberty ...

Valgrind could be made to crash or run programs if it opened a specially crafted file ...

Debian Bug report logs - #858264 binutils: CVE-2017-6965 Package: binutils; Maintainer for binutils is Matthias Klose <doko@debianorg>; Source for binutils is src:binutils (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Mon, 20 Mar 2017 13:03:01 UTC Severity: important Tags: fixed-upstr ...

Debian Bug report logs - #858263 binutils: CVE-2017-6966 Package: binutils; Maintainer for binutils is Matthias Klose <doko@debianorg>; Source for binutils is src:binutils (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Mon, 20 Mar 2017 13:03:01 UTC Severity: important Tags: fixed-upstr ...

Debian Bug report logs - #858324 binutils: CVE-2017-7210 Package: src:binutils; Maintainer for src:binutils is Matthias Klose <doko@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 21 Mar 2017 09:57:05 UTC Severity: important Tags: fixed-upstream, patch, security, upstream Found in versi ...

Debian Bug report logs - #858323 binutils: CVE-2017-7209 Package: src:binutils; Maintainer for src:binutils is Matthias Klose <doko@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 21 Mar 2017 09:57:02 UTC Severity: important Tags: fixed-upstream, patch, security, upstream Found in versi ...

Debian Bug report logs - #840889 libiberty: CVE-2016-6131 Package: src:libiberty; Maintainer for src:libiberty is Debian GCC Maintainers <debian-gcc@listsdebianorg>; Reported by: gladk@debianorg Date: Sat, 15 Oct 2016 19:12:07 UTC Severity: important Tags: patch, security Found in versions libiberty/20141014-1, libiber ...

Debian Bug report logs - #858256 binutils: CVE-2017-6969 Package: binutils; Maintainer for binutils is Matthias Klose <doko@debianorg>; Source for binutils is src:binutils (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Mon, 20 Mar 2017 13:03:01 UTC Severity: important Tags: fixed-upstr ...

Debian Bug report logs - #840358 Multiple security issues in libiberty Package: ht; Maintainer for ht is Anton Gladky <gladk@debianorg>; Source for ht is src:ht (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Mon, 10 Oct 2016 21:39:02 UTC Severity: grave Tags: fixed-upstream, security, ...

The d_print_comp function in cp-demanglec in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once" ...

CWE-119 https://gcc.gnu.org/ml/gcc-patches/2016-05/msg00105.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70909 http://www.openwall.com/lists/oss-security/2016/05/05/5 http://www.securityfocus.com/bid/90016 https://nvd.nist.gov https://usn.ubuntu.com/3367-1/

Get Started

CVE-2016-4491

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect