A heap-based buffer over-read exists in the function dexpression1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.
{ "ubuntu_priority": "low" }
{ "ubuntu_priority": "low", "binaries": [ { "binary_name": "libiberty-dev", "binary_version": "20170913-1ubuntu0.1" } ], "availability": "No subscription required" }
{ "ubuntu_priority": "low", "binaries": [ { "binary_name": "libiberty-dev", "binary_version": "20200409-1" } ], "availability": "No subscription required" }