CVE-2018-20712

A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.

packagechannelchannel versionpkg versionstatus
binutils-unwrapped
nixos-19.03
2019-05-20 19:26:33 UTC (cdec62)2.31.1vulnerable
2019-05-19 05:45:38 UTC (705986)2.31.1vulnerable
2019-05-18 19:20:38 UTC (cff736)2.31.1vulnerable
2019-05-18 14:40:37 UTC (51cc0e)2.31.1vulnerable
2019-05-18 12:10:29 UTC (c86f09)2.31.1vulnerable
2019-05-16 07:25:27 UTC (c21f08)2.31.1vulnerable
2019-05-15 23:05:36 UTC (f5493b)2.31.1vulnerable
2019-05-14 10:50:48 UTC (7cd2e4)2.31.1vulnerable
2019-05-14 04:40:47 UTC (af657b)2.31.1vulnerable
2019-05-12 22:55:17 UTC (727e5b)2.31.1vulnerable
2019-05-12 18:15:28 UTC (c2570e)2.31.1vulnerable
2019-05-12 06:15:30 UTC (312a05)2.31.1vulnerable
2019-05-10 05:55:42 UTC (7bb74e)2.31.1vulnerable
2019-05-09 23:45:28 UTC (2ec36d)2.31.1vulnerable
2019-05-09 11:30:25 UTC (096e2f)2.31.1vulnerable
2019-05-08 07:05:44 UTC (aade6d)2.31.1vulnerable
2019-05-08 03:25:43 UTC (a04ef7)2.31.1vulnerable
2019-05-07 18:25:28 UTC (3e7300)2.31.1vulnerable
2019-05-07 12:25:52 UTC (2dcbd4)2.31.1vulnerable
2019-05-07 03:45:44 UTC (2df17e)2.31.1vulnerable
2019-05-06 22:45:43 UTC (8c6c85)2.31.1vulnerable
2019-05-06 19:05:39 UTC (6ec097)2.31.1vulnerable
2019-05-05 20:50:42 UTC (a177da)2.31.1vulnerable
2019-05-05 11:55:39 UTC (6e29f2)2.31.1vulnerable
2019-05-05 08:25:33 UTC (04954e)2.31.1vulnerable
2019-05-02 22:00:31 UTC (915ce0)2.31.1vulnerable
2019-05-02 14:05:46 UTC (2e6afa)2.31.1vulnerable
2019-05-02 10:40:42 UTC (b2b5c1)2.31.1vulnerable
2019-05-01 17:25:26 UTC (d740b2)2.31.1vulnerable
2019-04-30 23:15:17 UTC (6d7ed9)2.31.1vulnerable
2019-04-25 16:05:41 UTC (cf3e27)2.31.1vulnerable
2019-04-24 14:30:20 UTC (2f1eac)2.31.1vulnerable
2019-04-24 10:40:27 UTC (893541)2.31.1vulnerable
2019-04-23 19:20:27 UTC (793640)2.31.1vulnerable
2019-04-22 06:20:19 UTC (330b9f)2.31.1vulnerable
2019-04-21 17:40:24 UTC (454eea)2.31.1vulnerable
2019-04-21 16:40:14 UTC (83e778)2.31.1vulnerable
2019-04-21 10:05:20 UTC (73c885)2.31.1vulnerable
2019-04-20 19:45:16 UTC (b807bc)2.31.1vulnerable
2019-04-19 19:40:31 UTC (8ea36d)2.31.1vulnerable
2019-04-17 11:30:25 UTC (7b3696)2.31.1vulnerable
2019-04-16 15:30:40 UTC (ea4979)2.31.1vulnerable
2019-04-10 15:10:50 UTC (5c52b2)2.31.1vulnerable
2019-04-10 14:15:29 UTC (63f250)2.31.1vulnerable
2019-04-10 10:35:28 UTC (f52505)2.31.1vulnerable
2019-04-10 08:25:33 UTC (0363ab)2.31.1vulnerable
2019-04-08 01:00:36 UTC (67bc63)2.31.1vulnerable
2019-04-05 01:55:19 UTC (91fa69)2.31.1vulnerable
2019-04-04 23:20:18 UTC (e18a58)2.31.1vulnerable
2019-04-04 17:35:16 UTC (ef2899)2.31.1vulnerable
2019-03-31 05:55:25 UTC (3a4ffd)2.31.1vulnerable
2019-03-25 19:05:29 UTC (23fd13)2.31.1vulnerable
2019-03-24 15:55:20 UTC (ff9c3f)2.31.1vulnerable
2019-03-24 09:05:37 UTC (fe9abc)2.31.1vulnerable
2019-03-23 20:25:30 UTC (638216)2.31.1vulnerable
2019-03-22 23:55:24 UTC (f5e7da)2.31.1vulnerable
2019-03-21 04:35:34 UTC (91cb80)2.31.1vulnerable
2019-03-20 11:55:29 UTC (3574db)2.31.1vulnerable
2019-03-19 17:15:39 UTC (f00bd2)2.31.1vulnerable
2019-03-19 13:55:38 UTC (2a7c34)2.31.1vulnerable
2019-03-19 04:40:34 UTC (e0e29a)2.31.1vulnerable
2019-03-18 08:30:37 UTC (b2b2ff)2.31.1vulnerable
2019-03-18 07:25:46 UTC (6a3a05)2.31.1vulnerable
2019-03-17 11:45:18 UTC (9aab14)2.31.1vulnerable
2019-03-16 16:45:40 UTC (aa34ca)2.31.1vulnerable
2019-03-11 16:05:16 UTC (5f3be9)2.31.1vulnerable
2019-03-11 11:05:32 UTC (aea913)2.31.1vulnerable
2019-03-11 04:15:21 UTC (508764)2.31.1vulnerable
2019-03-10 20:35:28 UTC (72ad05)2.31.1vulnerable
2019-03-10 14:30:29 UTC (360522)2.31.1vulnerable
2019-03-10 03:10:39 UTC (52565a)2.31.1vulnerable
2019-03-10 02:25:21 UTC (4610d6)2.31.1vulnerable
2019-03-08 17:55:42 UTC (584748)2.31.1vulnerable
2019-03-07 03:15:40 UTC (58e31b)2.31.1vulnerable
2019-02-26 20:35:21 UTC (07e2b5)2.31.1vulnerable
nixos-unstable
2019-05-03 17:40:38 UTC (190727)2.31.1vulnerable
2019-04-30 23:35:46 UTC (aeb464)2.31.1vulnerable
2019-04-25 16:30:32 UTC (dfd8f8)2.31.1vulnerable
2019-04-24 12:55:41 UTC (0620e0)2.31.1vulnerable
2019-04-21 22:55:37 UTC (d26027)2.31.1vulnerable
2019-04-16 15:55:38 UTC (1fc591)2.31.1vulnerable
2019-04-07 21:55:33 UTC (acbdaa)2.31.1vulnerable
2019-04-05 11:20:44 UTC (d956f2)2.31.1vulnerable
2019-03-27 00:30:32 UTC (07b42c)2.31.1vulnerable
2019-03-21 05:55:30 UTC (373488)2.31.1vulnerable
2019-03-19 00:35:43 UTC (1222e2)2.31.1vulnerable
2019-03-18 22:50:18 UTC (4c6be1)2.31.1vulnerable
2019-03-16 16:20:42 UTC (da1a2b)2.31.1vulnerable
2019-03-10 06:15:14 UTC (5d3fd3)2.31.1vulnerable
2019-03-05 07:50:31 UTC (34aa25)2.31.1vulnerable
2019-03-02 21:10:38 UTC (26d8a8)2.31.1vulnerable
2019-03-02 17:40:36 UTC (81bf89)2.31.1vulnerable
2019-02-26 19:40:35 UTC (1233c8)2.31.1vulnerable
2019-02-26 18:30:36 UTC (bd0189)2.31.1vulnerable
2019-02-23 21:15:46 UTC (19eeda)2.31.1vulnerable
2019-02-23 13:25:25 UTC (969cff)2.31.1vulnerable
2019-02-22 17:55:42 UTC (2a81ec)2.31.1vulnerable