PatchSiren

CVE-2016-4491 GNU CVE debrief

CVE-2016-4491 is a denial-of-service issue in GNU libiberty's C++ demangling code. The vulnerable d_print_comp function in cp-demangle.c can recurse indefinitely and overflow a buffer when given a crafted binary, leading to a segmentation fault and crash. NVD classifies the issue as medium severity and maps it to CWE-119. The CVE was published on 2017-02-24, while the referenced patch discussion and issue tracking entries date to May 2016.

Vendor: GNU
Product: Libiberty
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-24
Original CVE updated: 2026-05-13
Advisory published: 2017-02-24
Advisory updated: 2026-05-13

Who should care

Teams that ship or embed GNU libiberty, libiberty-based tooling, or demangling functionality should review this CVE. That includes maintainers of build systems, analysis tools, and any software that processes untrusted binaries and may invoke cp-demangle or related symbol handling paths.

Technical summary

According to the CVE record, the issue is in d_print_comp in cp-demangle.c within libiberty. A crafted binary can cause a node to have itself as an ancestor more than once, which triggers infinite recursion and a buffer overflow. The observable impact is a crash/segmentation fault and denial of service. NVD's CVSS vector is CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H, and the weakness is classified as CWE-119.
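
The failure mode described above, a tree node that reappears among its own ancestors during a recursive print, can be rejected with a per-node in-progress flag, a depth cap, and a bounded output buffer. The following is an added illustration, not code from libiberty or the upstream patch; `struct node`, `struct printer`, `render` and `MAX_DEPTH` are hypothetical names, and this sketch rejects a node on its first re-entry.

```c
#include <string.h>

/* Hypothetical component tree for illustration; not libiberty's data structures. */
struct node {
    const char *name;
    struct node *left, *right;
    int printing;             /* non-zero while the node is on the active recursion path */
};

struct printer {
    char buf[64];             /* fixed output buffer, never written past its end */
    size_t len;
    int depth, error;         /* error is sticky: cycle, excessive depth, or full buffer */
};

enum { MAX_DEPTH = 32 };

static void emit(struct printer *p, const char *s)
{
    size_t n = strlen(s);
    if (p->error || n >= sizeof p->buf - p->len) { p->error = 1; return; }
    memcpy(p->buf + p->len, s, n + 1);   /* copies the terminating NUL as well */
    p->len += n;
}

static void print_node(struct printer *p, struct node *n)
{
    if (n == NULL || p->error) return;
    /* Guard: the node is already one of its own ancestors, or the tree is too deep. */
    if (n->printing || p->depth >= MAX_DEPTH) { p->error = 1; return; }
    n->printing = 1; p->depth++;
    emit(p, n->name);
    if (n->left || n->right) {
        emit(p, "(");
        print_node(p, n->left);
        if (n->right) emit(p, ",");
        print_node(p, n->right);
        emit(p, ")");
    }
    n->printing = 0; p->depth--;   /* unwind, so a shared (non-cyclic) subtree is still accepted */
}

/* Returns 0 with a NUL-terminated string in p->buf, or -1 if the tree was rejected. */
int render(struct printer *p, struct node *root)
{
    memset(p, 0, sizeof *p);
    print_node(p, root);
    return p->error ? -1 : 0;
}
```

Because the flag is cleared on the way out, a subtree referenced from two places still prints, while a true cycle returns an error instead of exhausting the stack.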

Defensive priority

Medium. In the supplied record this is a denial-of-service vulnerability, not a data-exposure or code-execution issue, but it can still disrupt tooling that handles untrusted binaries. Prioritize it if libiberty-backed components are exposed to attacker-controlled inputs or are part of build, parsing, or analysis pipelines.

Recommended defensive actions

  • Identify whether your software ships, links against, or vendors GNU libiberty components, especially cp-demangle.c / d_print_comp paths.
  • Apply the upstream fix or vendor patch referenced in the GNU patch discussion and oss-security thread.
  • Limit or sandbox processing of untrusted binaries in workflows that invoke symbol demangling or related parsing code.
  • Monitor for repeated crashes in demangling or binary-analysis tooling and treat them as a potential sign of this issue.
  • Track downstream packages that may embed libiberty rather than relying only on a system-provided copy.

Evidence notes

Supported facts come from the NVD CVE record and its referenced GNU and OSS-security links. The CVE description states the crash is triggered by crafted binary input and is related to infinite recursion and a buffer overflow in d_print_comp. NVD lists the affected CPE as cpe:2.3:a:gnu:libiberty:*:*:*:*:*:*:*:* and classifies the weakness as CWE-119. The cited references include the oss-security post, GCC bug 70909, and the GCC patch thread from May 2016.

Official resources

CVE-2016-4491 was published by the CVE Program and NVD on 2017-02-24. The source references in the record point to May 2016 discussion and patch material, but those are reference dates, not the CVE publication date.