Description
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.
Published: 2018-10-27
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2018-10416 An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.
Ubuntu USN Ubuntu USN USN-4326-1 libiberty vulnerabilities
Ubuntu USN Ubuntu USN USN-4336-1 GNU binutils vulnerabilities
Ubuntu USN Ubuntu USN USN-4336-2 GNU binutils vulnerabilities
History

Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00871}

 epss

{'score': 0.00777}

Subscriptions

Gnu Binutils
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T11:16:00.418Z

Reserved: 2018-10-27T00:00:00.000Z

Link: CVE-2018-18700

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-10-29T12:29:04.710

Modified: 2024-11-21T03:56:23.843

Link: CVE-2018-18700

cve-icon Redhat

Severity : Low

Publid Date: 2018-10-22T00:00:00Z

Links: CVE-2018-18700 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses