DEBIAN-CVE-2017-13716

DEBIAN-CVE-2017-13716 PUBLISHED CVSS 5.5 MEDIUM

The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).

Risk Scores

CVSS v3.0

5.5

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:13	binutils	2.45.50.20251201-1, 2.45.50.20251209-1, 2.45.50.20260116-1
Debian:11	binutils	2.40.50.20230501-1, 2.44-1, 2.44-2
Debian:12	binutils	2.40.50.20230625-1, 2.40.50.20230111-1, 2.40.50.20230501-1
Debian:14	binutils	0, 2.44.50.20250207-1, 2.44.50.20250218-1
Debian	binutils

Timeline

Aug 28, 2017 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2017-13716 advisory

Open in Interactive Console →