vulnerability

Rocky Linux: CVE-2018-20673: gcc (RLSA-2021-4386)

Try Surface Command
Back to search
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Jan 4, 2019
Added
Mar 12, 2024
Modified
Aug 13, 2025

Description

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.

Solutions

rocky-upgrade-cpprocky-upgrade-cpp-debuginforocky-upgrade-gccrocky-upgrade-gcc-c++rocky-upgrade-gcc-c++-debuginforocky-upgrade-gcc-debuginforocky-upgrade-gcc-debugsourcerocky-upgrade-gcc-gdb-pluginrocky-upgrade-gcc-gdb-plugin-debuginforocky-upgrade-gcc-gfortranrocky-upgrade-gcc-gfortran-debuginforocky-upgrade-gcc-offload-nvptxrocky-upgrade-gcc-offload-nvptx-debuginforocky-upgrade-gcc-plugin-develrocky-upgrade-gcc-plugin-devel-debuginforocky-upgrade-libasanrocky-upgrade-libasan-debuginforocky-upgrade-libatomicrocky-upgrade-libatomic-debuginforocky-upgrade-libatomic-staticrocky-upgrade-libgccrocky-upgrade-libgcc-debuginforocky-upgrade-libgfortranrocky-upgrade-libgfortran-debuginforocky-upgrade-libgomprocky-upgrade-libgomp-debuginforocky-upgrade-libgomp-offload-nvptxrocky-upgrade-libgomp-offload-nvptx-debuginforocky-upgrade-libitmrocky-upgrade-libitm-debuginforocky-upgrade-libitm-develrocky-upgrade-liblsanrocky-upgrade-liblsan-debuginforocky-upgrade-libquadmathrocky-upgrade-libquadmath-debuginforocky-upgrade-libquadmath-develrocky-upgrade-libstdc++rocky-upgrade-libstdc++-debuginforocky-upgrade-libstdc++-develrocky-upgrade-libstdc++-docsrocky-upgrade-libstdc++-staticrocky-upgrade-libtsanrocky-upgrade-libtsan-debuginforocky-upgrade-libubsanrocky-upgrade-libubsan-debuginfo

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today