Описание
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.
A flaw was discovered in the GNU libiberty library within the demangle_path() function in rust-demangle.c, as distributed in the GNU Compiler Collection (GCC). This flaw allows a crafted symbol to cause stack memory to be exhausted, leading to a crash.
Отчет
This flaw has been rated as having a security impact of Low. The problem is only triggered when deliberately corrupt input is passed to a tool that attempts to demangle symbol names. Normal users should never encounter this problem.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | compat-gcc-295 | Out of support scope | ||
| Red Hat Enterprise Linux 6 | compat-gcc-296 | Out of support scope | ||
| Red Hat Enterprise Linux 6 | compat-gcc-32 | Out of support scope | ||
| Red Hat Enterprise Linux 6 | compat-gcc-34 | Out of support scope | ||
| Red Hat Enterprise Linux 6 | gcc | Out of support scope | ||
| Red Hat Enterprise Linux 7 | compat-gcc-32 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | compat-gcc-34 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | compat-gcc-44 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | gcc | Out of support scope | ||
| Red Hat Enterprise Linux 8 | gcc | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.
GCC v12.0 was discovered to contain an uncontrolled recursion via the ...
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.
ELSA-2022-8415: mingw-gcc security and bug fix update (LOW)
EPSS
3.3 Low
CVSS3