vulnerability
CentOS Linux: CVE-2018-20673: Low: gcc security and bug fix update (CESA-2021:4386)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | Jan 4, 2019 | Nov 10, 2021 | Jun 15, 2023 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Jan 4, 2019
Added
Nov 10, 2021
Modified
Jun 15, 2023
Description
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.
Solutions
centos-upgrade-cppcentos-upgrade-cpp-debuginfocentos-upgrade-gcccentos-upgrade-gcc-ccentos-upgrade-gcc-c-debuginfocentos-upgrade-gcc-debuginfocentos-upgrade-gcc-debugsourcecentos-upgrade-gcc-gdb-plugincentos-upgrade-gcc-gdb-plugin-debuginfocentos-upgrade-gcc-gfortrancentos-upgrade-gcc-gfortran-debuginfocentos-upgrade-gcc-plugin-devel-debuginfocentos-upgrade-libasancentos-upgrade-libasan-debuginfocentos-upgrade-libatomiccentos-upgrade-libatomic-debuginfocentos-upgrade-libatomic-staticcentos-upgrade-libgcccentos-upgrade-libgcc-debuginfocentos-upgrade-libgfortrancentos-upgrade-libgfortran-debuginfocentos-upgrade-libgompcentos-upgrade-libgomp-debuginfocentos-upgrade-libitmcentos-upgrade-libitm-debuginfocentos-upgrade-libitm-develcentos-upgrade-libstdccentos-upgrade-libstdc-debuginfocentos-upgrade-libstdc-develcentos-upgrade-libstdc-docscentos-upgrade-libubsancentos-upgrade-libubsan-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.