VDB
DEBIAN-CVE-2018-20712
DEBIAN-CVE-2018-20712
PUBLISHED
CVSS 6.5 MEDIUM
A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.
Risk Scores
CVSS v3.0
6.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | binutils | 2.46-1, 2.42-3, 2.43.1-2 |
| Debian:11 | binutils | 2.45.50.20260119-1, 2.45.50.20260116-1, 2.45.50.20260119-1 |
| Debian:13 | binutils | 0, 2.45-6, 2.45-6 |
| Debian:14 | binutils | 2.45.50.20251005-1, 2.44.50.20250218-2, 2.44.50.20250707-1 |
Timeline
- Jan 15, 2019 CVE Published
- Apr 28, 2026 CVE Updated