Wind River Support Network

HomeDefectsLIN8-10368
Not to be fixed

LIN8-10368 : Security Advisory - binutils - CVE-2018-20673

Created: Jan 14, 2019    Updated: Jan 10, 2021
Resolved Date: Jan 10, 2021
Found In Version: 8.0.0.28
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for Create an array for saving the template argument values) that can trigger a heap-based buffer overflow, as demonstrated by nm.

https://nvd.nist.gov/vuln/detail/CVE-2018-20673

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube