CVE-2018-20657
Description
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.
- CVSS Version 3.0
- CVSS Version 2.0
nvd
CVE ID: CVE-2018-20657
Base Score: 7.5
Base Severity: HIGH
Vector String:CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd
CVE ID: CVE-2018-20657
Base Score: 5.0
Base Severity: MEDIUM
Vector String:AV:N/AC:L/Au:N/C:N/I:N/A:P
Refrence: NVD