mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
1.3 KiB
1.3 KiB
CVE-2018-18700
Description
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.
POC
Reference
- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681
- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681
Github
- https://github.com/ICSE2020-MemLock/MemLock_Benchmark
- https://github.com/SZU-SE/MemLock_Benchmark
- https://github.com/SZU-SE/Stack-overflow-Fuzzer-TestSuite
- https://github.com/fokypoky/places-list
- https://github.com/fuzz-evaluator/MemLock-Fuzz-eval
- https://github.com/tzf-key/MemLock_Benchmark
- https://github.com/tzf-omkey/MemLock_Benchmark
- https://github.com/wcventure/MemLock-Fuzz
- https://github.com/wcventure/MemLock_Benchmark