CVE-2021-3826
MEDIUMGCC - Heap/Stack Buffer Overflow in dlang_lname Function
Title source: llmDescription
Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.
References (7)
Core 7
Core References
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AXFC74WRZ2Q7F2TSUKPYNIL7ZPBWYI6L/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4MYLS3VR4OPL5ECRWOR4ZHMGXUSCJFZY/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ/
Broken Link
https://gcc.gnu.org/git/?p=gcc.git%3Ba=commit%3Bh=5481040197402be6dfee265bd2ff5a4c88e30505
Mailing List, Patch, Vendor Advisory
https://gcc.gnu.org/pipermail/gcc-patches/2021-September/579987
Scores
CVSS v3
6.5
EPSS
0.0056
EPSS Percentile
68.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-119
CWE-787
Status
published
Products (4)
fedoraproject/fedora
35
fedoraproject/fedora
36
fedoraproject/fedora
37
gnu/gcc
11.2
Published
Sep 01, 2022
Tracked Since
Feb 18, 2026