First published: Sun Sep 30 2018(Updated: )
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU Binutils | =2.31 | |
debian/binutils | 2.35.2-2 2.40-2 2.43.50.20241215-1 2.43.50.20241221-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-17794 is a vulnerability discovered in GNU libiberty, as distributed in GNU Binutils 2.31. It is a NULL pointer dereference issue in work_stuff_copy_to_from when called from iterate_demangle_function.
CVE-2018-17794 affects the following software: Ubuntu binutils 2.30-21ubuntu1~18.04.3, Ubuntu binutils 2.26.1-1ubuntu1~16.04.8+, Ubuntu libiberty 20170913-1ubuntu0.1, Ubuntu libiberty 20190122-1, Ubuntu libiberty 20160215-1ubuntu0.3, and Debian binutils 2.31.1-16.
The severity of CVE-2018-17794 is not specified.
To fix CVE-2018-17794, you should update the affected software to the recommended versions: Ubuntu binutils 2.30-21ubuntu1~18.04.3, Ubuntu binutils 2.26.1-1ubuntu1~16.04.8+, Ubuntu libiberty 20170913-1ubuntu0.1, Ubuntu libiberty 20190122-1, Ubuntu libiberty 20160215-1ubuntu0.3, and Debian binutils 2.31.1-16.
You can find more information about CVE-2018-17794 in the following references: [GCC Bugzilla](https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350), [Ubuntu USN-4326-1](https://usn.ubuntu.com/4326-1/), [Ubuntu USN-4336-1](https://usn.ubuntu.com/4336-1/).