{ "threat_severity" : "Moderate", "public_date" : "2018-12-27T00:00:00Z", "bugzilla" : { "description" : "libiberty: Integer overflow in demangle_template() function", "id" : "1664709", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1664709" }, "cvss3" : { "cvss3_base_score" : "5.3", "cvss3_scoring_vector" : "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "status" : "verified" }, "cwe" : "CWE-190", "details" : [ "The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for \"Create an array for saving the template argument values\") that can trigger a heap-based buffer overflow, as demonstrated by nm." ], "statement" : "This issue did not affect the versions of gdb as shipped with Red Hat Enterprise Linux 7 and with Red Hat Developer Toolset 7 and 8 as they are compiled only for 64bit architectures, where the flaw is not present.\nThis vulnerability has been rated as Low severity for Red Hat Enterprise Linux 8, as the circumstances to exploit are particularly unlikely. A crafted binary file must be passed to one of the affected tools, in a 32-bit environment, and in a scenario where the corrupted file comes from an untrusted source. In 64 bit environments, exploitation is not possible.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2021-11-09T00:00:00Z", "advisory" : "RHSA-2021:4386", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gcc-0:8.5.0-3.el8", "impact" : "low" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2021-11-09T00:00:00Z", "advisory" : "RHSA-2021:4386", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gcc-0:8.5.0-3.el8", "impact" : "low" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Will not fix", "package_name" : "binutils", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Will not fix", "package_name" : "gcc", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Will not fix", "package_name" : "gdb", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Will not fix", "package_name" : "binutils", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Will not fix", "package_name" : "gcc", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Will not fix", "package_name" : "gdb", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "binutils", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "gcc", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "gdb", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "binutils", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "impact" : "low" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "gdb", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "mingw-binutils", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "impact" : "low" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2018-20673\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-20673" ], "name" : "CVE-2018-20673", "csaw" : false }