CVE-2018-12934

HIGH

GNU Binutils - Denial of Service via Excessive Memory Consumption in cplus-dem.c

Title source: llm

Description

remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.

References (5)

Core 5

Core References

Exploit, Issue Tracking, Vendor Advisory x_refsource_misc

https://sourceware.org/bugzilla/show_bug.cgi?id=23059

Exploit, Issue Tracking, Vendor Advisory x_refsource_misc

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453

Issue Tracking x_refsource_misc

https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101

Vendor Advisory vendor-advisory x_refsource_ubuntu

https://usn.ubuntu.com/4326-1/

Vendor Advisory vendor-advisory x_refsource_ubuntu

https://usn.ubuntu.com/4336-1/

Scores

CVSS v3 7.5

EPSS 0.0070

EPSS Percentile 72.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-770

Status published

Products (1)

gnu/binutils 2.30

Published Jun 28, 2018

Tracked Since Feb 18, 2026