Stack Consumption Vulnerability in GNU GCC 11.2
CVE-2022-27943

5.5MEDIUM

Key Information:

Vendor: Gnu
Status: Gcc
Vendor: CVE Published:; 26 March 2022

Summary

A vulnerability in the libiberty/rust-demangle.c component of GNU GCC 11.2 allows for potential stack consumption in the demangle_const function. This issue can manifest during the demangling of certain inputs, leading to resource exhaustion that affects the stability of the software environment. Users are advised to review the provided advisories and implement necessary updates to mitigate any risks associated with this vulnerability.

References

https://sourceware.org/bugzilla/show_bug.cgi?id=28995

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039

https://lists.fedoraproject.org/archives/list/package-ann...

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 26, 2022
Vulnerability Reserved
Mar 26, 2022