A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.
Weakness
The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Binutils | Gnu | 2.36 (including) | 2.36 (including) |
| Binutils | Ubuntu | hirsute | * |
| Binutils | Ubuntu | impish | * |
| Binutils | Ubuntu | precise/esm | * |
| Binutils | Ubuntu | trusty | * |
| Binutils | Ubuntu | xenial | * |
| Gdb | Ubuntu | bionic | * |
| Gdb | Ubuntu | jammy | * |
| Gdb | Ubuntu | trusty | * |
| Gdb | Ubuntu | xenial | * |
| Libiberty | Ubuntu | hirsute | * |
| Libiberty | Ubuntu | impish | * |
| Libiberty | Ubuntu | jammy | * |
| Libiberty | Ubuntu | trusty | * |
| Libiberty | Ubuntu | xenial | * |
Potential Mitigations
Related Attack Patterns
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1956423
- https://security.gentoo.org/glsa/202208-30
- https://security.netapp.com/advisory/ntap-20210716-0006/
- https://src.fedoraproject.org/rpms/binutils/blob/rawhide/f/binutils-CVE-2021-3530.patch
- https://bugzilla.redhat.com/show_bug.cgi?id=1956423
- https://security.gentoo.org/glsa/202208-30
- https://security.netapp.com/advisory/ntap-20210716-0006/
- https://src.fedoraproject.org/rpms/binutils/blob/rawhide/f/binutils-CVE-2021-3530.patch