Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 599802

Summary: sys-devel/gcc: Stack overflow due to infinite recursion in d_print_comp
Product: Gentoo Security Reporter: Thomas Deutschmann (RETIRED) <whissi>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: normal CC: toolchain
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70909
Whiteboard: A3 [upstream]
Package list:
Runtime testing required: ---

Description Thomas Deutschmann (RETIRED) gentoo-dev 2016-11-15 15:08:49 UTC
A vulnerability was found in gcc. A stack overflow in the libiberty demangler library causes its host applications to crash. The stack contains return addresses that are not mapped in the inferior's process address space and/or the stack pointer is pointing to a location outside the default stack region. These conditions likely indicate stack corruption, which is generally considered exploitable.


References:
https://bugzilla.redhat.com/show_bug.cgi?id=1333371
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4491
http://seclists.org/oss-sec/2016/q2/240
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2016-11-15 15:27:23 UTC

*** This bug has been marked as a duplicate of bug 582240 ***