CVE-2018-9996 in Ubuntu

CVE-2018-9996

Priority

Description

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in
GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions
provided by libiberty, and there are recursive stack frames:
demangle_template_value_parm, demangle_integral_value, and
demangle_expression.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9996

Bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304

Notes

sbeattie

unfixed upstream as of 2019-06-06

Package

Source: binutils (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	deferred (2019-06-06)
Ubuntu 14.04 ESM (Trusty Tahr):	deferred (2019-06-06)
Ubuntu 16.04 LTS (Xenial Xerus):	deferred (2019-06-06)
Ubuntu 18.04 LTS (Bionic Beaver):	deferred (2019-06-06)
Ubuntu 19.04 (Disco Dingo):	deferred (2019-06-06)
Ubuntu 19.10 (Eoan Ermine):	deferred (2019-06-06)
Ubuntu 20.04 (Focal Fossa):	deferred (2019-06-06)

More Information

Updated: 2019-12-05 19:58:04 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)