VDB

CVE-2017-13716

CVE-2017-13716 PUBLISHED

The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).

EPSS 0.24% · 47.0th percentile

Risk Scores

EPSS Score
0.24%
47.0th percentile

Affected Products

VendorProductVersions
Ubuntu:24.04:LTSbinutils2.41.50.20231206-1ubuntu1, 0, 2.41-6ubuntu1
Ubuntu:22.04:LTSlibiberty20211102-1, 0, 20210106-1build1
Ubuntu:25.10libiberty0, 20250315-1
Ubuntu:18.04:LTSlibiberty20170913-1ubuntu0.1, 0, 20170913-1
Ubuntu:Pro:14.04:LTSbinutils2.24-5ubuntu14.2+esm6, 0, 2.23.52.20130913-0ubuntu1
Ubuntu:Pro:20.04:LTSbinutils2.34-6ubuntu1.5, 2.34-6ubuntu1.1, 2.34-4ubuntu1
Ubuntu:22.04:LTSbinutils2.38-4ubuntu2.10, 2.38-4ubuntu2.8, 2.38-4ubuntu2.7
Ubuntu:Pro:16.04:LTSbinutils2.26.1-1ubuntu1~16.04.7, 2.26.1-1ubuntu1~16.04.8, 2.26.1-1ubuntu1~16.04.8+esm1
Ubuntu:20.04:LTSlibiberty0, 20190907-1, 20200409-1
Ubuntu:25.10binutils2.44.50.20250616-0ubuntu1, 2.44.50.20250602-0ubuntu1, 2.44-3ubuntu1
Ubuntu:16.04:LTSlibiberty20141014-1, 20160215-1ubuntu0.2, 20160215-1ubuntu0.3
Ubuntu:24.04:LTSlibiberty20240117-1, 20230721-1, 0
Ubuntu:Pro:18.04:LTSbinutils2.30-14ubuntu2, 2.30-11ubuntu1, 2.30-10ubuntu1

Exploit Intelligence

Timeline

  • Aug 28, 2017 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • May 13, 2022 CVE Updated
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›