First published: Fri Mar 30 2018
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU Binutils | =2.29 | |
GNU Binutils | =2.30 | |
debian/binutils | 2.35.2-2, 2.40-2, 2.43.1-5 | |
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=af03af8f55f2536b6e20928e6b1fa0324a5f3d6e
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=69799d67e8872dcd3feee81ed2ff0fc47beb52d7
CVE-2018-9138 is a vulnerability in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30.
CVE-2018-9138 is a high severity vulnerability.
CVE-2018-9138 allows stack exhaustion in the C++ demangling functions provided by libiberty, which involves recursive stack frames.
The affected software includes GNU Binutils versions 2.29 and 2.30.
To fix CVE-2018-9138, update to the recommended versions of binutils and libiberty as provided by the official sources.