A heap-based buffer over-read exists in the function dexpression1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.
{ "binaries": [ { "binary_version": "20160215-1ubuntu0.3", "binary_name": "libiberty-dev" } ] }