978818 – (CVE-2016-4492) VUL-1: CVE-2016-4492: gcc: Write access violations

Bug 978818 (CVE-2016-4492) - VUL-1: CVE-2016-4492: gcc: Write access violations

Summary: VUL-1: CVE-2016-4492: gcc: Write access violations

Status:	RESOLVED FIXED

Alias:	CVE-2016-4492

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Minor
Target Milestone:	---
Assignee:	Michael Matz
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/168631/
Whiteboard:	CVSSv2:SUSE:CVE-2016-4492:2.6:(AV:N/...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2016-05-06 10:14 UTC by Alexander Bergmann
Modified:	2023-02-08 16:51 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexander Bergmann 2016-05-06 10:14:57 UTC

rh#1333377 / CVE-2016-4492

A vulnerability was found in gcc. A write access violation on destination operand in the libiberty demangler causes its host applications to crash.

External references:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70926

Proposed patch:

https://gcc.gnu.org/ml/gcc-patches/2016-05/msg00223.html

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1333377
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4492
http://seclists.org/oss-sec/2016/q2/240

Comment 1 Swamp Workflow Management 2016-05-06 22:01:21 UTC

bugbot adjusting priority

Comment 2 Sebastian Krahmer 2016-05-09 12:22:56 UTC

Bug in name demangling -> VUL-1

Comment 3 Michael Matz 2023-02-08 16:51:16 UTC

Fixed since a long time.  (when libiberty, and hence binutils was affected: by version updates to binutils for sle-12 and sle-15 and sle-11 wontfix)