Upstream information

CVE-2016-6131 at MITRE

Description

The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.

SUSE information

Overall state of this security issue: Pending

This issue is currently rated as having low severity.

CVSS v2 Scores
  National Vulnerability Database SUSE
Base Score 5 1.9
Vector AV:N/AC:L/Au:N/C:N/I:N/A:P AV:L/AC:M/Au:N/C:N/I:N/A:P
Access Vector Network Local
Access Complexity Low Medium
Authentication None None
Confidentiality Impact None None
Integrity Impact None None
Availability Impact Partial Partial
CVSS v3 Scores
  National Vulnerability Database
Base Score 7.5
Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Vector Network
Access Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality Impact None
Integrity Impact None
Availability Impact High
CVSSv3 Version 3
SUSE Bugzilla entries: 1075785 [VERIFIED / FIXED], 987552 [RESOLVED / MOVED], 987631 [NEW], 987633 [NEW], 987635 [NEW], 987637 [NEW], 987644 [NEW]

No SUSE Security Announcements cross referenced.


Status of this issue by product and package

Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.

Product(s) Source package State
SLES_LTSS-10-SP4 binutils Affected
SLES_LTSS-10-SP4 crash Affected
SLES_LTSS-10-SP4 gcc33 Affected
SLES_LTSS-10-SP4 gdb Affected
SUSE Linux Enterprise 12 Module for Legacy gcc33 Affected
SUSE Linux Enterprise 12 Module for Toolchain gcc5 Affected
SUSE Linux Enterprise 15 Module for Basesystem binutils Analysis
SUSE Linux Enterprise 15 Module for Development Tools binutils Analysis
SUSE Linux Enterprise 15-SP1 Module for Basesystem binutils Analysis
SUSE Linux Enterprise 15-SP1 Module for Development Tools binutils Analysis
SUSE Linux Enterprise Desktop 12 binutils Affected
SUSE Linux Enterprise Desktop 12 gcc33 Affected
SUSE Linux Enterprise Desktop 12 gcc48 Affected
SUSE Linux Enterprise Desktop 12 gcc5 Affected
SUSE Linux Enterprise Desktop 12 gdb Released
SUSE Linux Enterprise Desktop 12 SP1 binutils Affected
SUSE Linux Enterprise Desktop 12 SP1 gcc33 Affected
SUSE Linux Enterprise Desktop 12 SP1 gcc48 Affected
SUSE Linux Enterprise Desktop 12 SP1 gcc5 Affected
SUSE Linux Enterprise Desktop 12 SP1 gdb Released
SUSE Linux Enterprise Desktop 12 SP2 gdb Released
SUSE Linux Enterprise Desktop 12 SP4 binutils Analysis
SUSE Linux Enterprise High Performance Computing 12 SP4 binutils Analysis
SUSE Linux Enterprise High Performance Computing 12 SP5 binutils Analysis
SUSE Linux Enterprise Real Time 12 SP4 crash Affected
SUSE Linux Enterprise Real Time 12 SP5 crash Affected
SUSE Linux Enterprise Real Time Extension 12 SP1 crash Affected
SUSE Linux Enterprise Server 11 SP1 binutils Affected
SUSE Linux Enterprise Server 11 SP1 crash Affected
SUSE Linux Enterprise Server 11 SP1 gcc33 Affected
SUSE Linux Enterprise Server 11 SP1 gcc43 Affected
SUSE Linux Enterprise Server 11 SP1 gcc48 Affected
SUSE Linux Enterprise Server 11 SP1 gdb Affected
SUSE Linux Enterprise Server 11 SP2 LTSS binutils Affected
SUSE Linux Enterprise Server 11 SP2 LTSS crash Affected
SUSE Linux Enterprise Server 11 SP2 LTSS gcc33 Affected
SUSE Linux Enterprise Server 11 SP2 LTSS gcc43 Affected
SUSE Linux Enterprise Server 11 SP2 LTSS gcc46 Affected
SUSE Linux Enterprise Server 11 SP2 LTSS gdb Affected
SUSE Linux Enterprise Server 11 SP3 binutils Affected
SUSE Linux Enterprise Server 11 SP3 crash Affected
SUSE Linux Enterprise Server 11 SP3 gcc33 Affected
SUSE Linux Enterprise Server 11 SP3 gcc43 Affected
SUSE Linux Enterprise Server 11 SP3 gcc48 Affected
SUSE Linux Enterprise Server 11 SP3 gdb Affected
SUSE Linux Enterprise Server 11 SP3 LTSS binutils Affected
SUSE Linux Enterprise Server 11 SP3 LTSS crash Affected
SUSE Linux Enterprise Server 11 SP3 LTSS gcc33 Affected
SUSE Linux Enterprise Server 11 SP3 LTSS gcc43 Affected
SUSE Linux Enterprise Server 11 SP3 LTSS gcc47 Affected
SUSE Linux Enterprise Server 11 SP3 LTSS gdb Affected
SUSE Linux Enterprise Server 11 SP4 binutils Affected
SUSE Linux Enterprise Server 11 SP4 crash Affected
SUSE Linux Enterprise Server 11 SP4 gcc33 Affected
SUSE Linux Enterprise Server 11 SP4 gcc43 Affected
SUSE Linux Enterprise Server 11 SP4 gcc48 Affected
SUSE Linux Enterprise Server 11 SP4 gcc5 Affected
SUSE Linux Enterprise Server 11 SP4 gdb Affected
SUSE Linux Enterprise Server 11 SP4 LTSS binutils Analysis
SUSE Linux Enterprise Server 12 binutils Affected
SUSE Linux Enterprise Server 12 crash Affected
SUSE Linux Enterprise Server 12 gcc48 Affected
SUSE Linux Enterprise Server 12 gcc5 Affected
SUSE Linux Enterprise Server 12 gdb Released
SUSE Linux Enterprise Server 12 LTSS gdb Released
SUSE Linux Enterprise Server 12 SP1 binutils Affected
SUSE Linux Enterprise Server 12 SP1 crash Affected
SUSE Linux Enterprise Server 12 SP1 gcc48 Affected
SUSE Linux Enterprise Server 12 SP1 gcc5 Affected
SUSE Linux Enterprise Server 12 SP1 gdb Released
SUSE Linux Enterprise Server 12 SP1 LTSS binutils Analysis
SUSE Linux Enterprise Server 12 SP2 gdb Released
SUSE Linux Enterprise Server 12 SP2 LTSS binutils Analysis
SUSE Linux Enterprise Server 12 SP3 LTSS binutils Analysis
SUSE Linux Enterprise Server 12 SP4 binutils Analysis
SUSE Linux Enterprise Server 12 SP5 binutils Analysis
SUSE Linux Enterprise Server for SAP Applications 12 gcc33 Affected
SUSE Linux Enterprise Server for SAP Applications 12 SP1 gcc33 Affected
SUSE Linux Enterprise Server for SAP Applications 12 SP2 binutils Analysis
SUSE Linux Enterprise Server for SAP Applications 12 SP3 binutils Affected
SUSE Linux Enterprise Server for SAP Applications 12 SP3 crash Affected
SUSE Linux Enterprise Server for SAP Applications 12 SP3 gcc48 Affected
SUSE Linux Enterprise Server for SAP Applications 12 SP3 gcc5 Affected
SUSE Linux Enterprise Server for SAP Applications 12 SP3 gdb Affected
SUSE Linux Enterprise Server for SAP Applications 12 SP4 binutils Analysis
SUSE Linux Enterprise Server for SAP Applications 12 SP5 binutils Analysis
SUSE Linux Enterprise Software Bootstrap Kit 12 gcc5 Affected
SUSE Linux Enterprise Software Development Kit 11 SP4 binutils Affected
SUSE Linux Enterprise Software Development Kit 11 SP4 crash Affected
SUSE Linux Enterprise Software Development Kit 11 SP4 gcc33 Affected
SUSE Linux Enterprise Software Development Kit 11 SP4 gcc43 Affected
SUSE Linux Enterprise Software Development Kit 11 SP4 gcc48 Affected
SUSE Linux Enterprise Software Development Kit 11 SP4 gcc5 Affected
SUSE Linux Enterprise Software Development Kit 11 SP4 gdb Affected
SUSE Linux Enterprise Software Development Kit 12 binutils Affected
SUSE Linux Enterprise Software Development Kit 12 crash Affected
SUSE Linux Enterprise Software Development Kit 12 gcc33 Affected
SUSE Linux Enterprise Software Development Kit 12 gcc48 Affected
SUSE Linux Enterprise Software Development Kit 12 gdb Released
SUSE Linux Enterprise Software Development Kit 12 SP1 binutils Affected
SUSE Linux Enterprise Software Development Kit 12 SP1 crash Affected
SUSE Linux Enterprise Software Development Kit 12 SP1 gcc33 Affected
SUSE Linux Enterprise Software Development Kit 12 SP1 gcc48 Affected
SUSE Linux Enterprise Software Development Kit 12 SP1 gcc5 Affected
SUSE Linux Enterprise Software Development Kit 12 SP1 gdb Released
SUSE Linux Enterprise Software Development Kit 12 SP4 binutils Analysis
SUSE Linux Enterprise Software Development Kit 12 SP5 binutils Analysis
SUSE Studio Onsite gcc43 Affected