PatchSiren cyber security CVE debrief

CVE-2016-4493 GNU CVE debrief

CVE-2016-4493 affects the C++ symbol demangler in GNU libiberty (cplus-dem.c). The supplied description says demangle_template_value_parm and do_hpacc_template_literal can perform an out-of-bounds read and crash when given a crafted binary. NVD assigns a CVSS 3.0 base score of 5.5 (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H), so the documented impact is denial of service rather than data exposure or code execution.

Vendor: GNU
Product: CVE-2016-4493
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-24
Original CVE updated: 2026-05-13
Advisory published: 2017-02-24
Advisory updated: 2026-05-13

Who should care

Teams that ship or use GNU libiberty, especially tools or services that process untrusted binaries and rely on the cplus-dem demangler. Security owners for GCC-derived packages should also verify whether the referenced patch is included.

Technical summary

The NVD record ties the flaw to an out-of-bounds read in demangle_template_value_parm and do_hpacc_template_literal within cplus-dem.c in libiberty, with CWE-125 as the primary weakness. The supplied CVE description notes a crash caused by a crafted binary, and the NVD vector indicates a local, user-interaction-dependent issue whose only rated impact is availability.

Defensive priority

Medium. Prioritize if libiberty is exposed to untrusted binary inputs or if crashes in symbol demangling would have operational impact.

Recommended defensive actions

  • Apply the vendor patch referenced in the supplied gcc-patches and Openwall advisory links, or upgrade to a package version that already includes it.
  • Inventory software that embeds or depends on GNU libiberty and identify any paths that parse untrusted binaries.
  • Restrict untrusted input to demangling or binary-inspection components until the patched build is deployed.
  • Treat crashes in cplus-dem parsing as security-relevant and monitor for unexpected failures or core dumps.
  • Verify downstream packages and distributions that bundle libiberty have incorporated the fix.
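One way to act on the monitoring item above, as an added example that is not part of the PatchSiren debrief: flag crashes of tools that link libiberty's demangler, correlating the kernel's segfault report with systemd-coredump's journal message for the same pid. The watch list and the log excerpt are constructed for this example.

```python
import re
from collections import Counter

# Tools that link GNU libiberty and demangle C++ symbols read from binaries
# (constructed watch list for this example; extend it to your own consumers).
DEMANGLER_PROCESSES = {"c++filt", "nm", "objdump", "addr2line", "gdb"}

# systemd-coredump's journal message and the kernel's segfault report (which names the faulting mapping).
COREDUMP_RE = re.compile(r"Process (?P<pid>\d+) \((?P<comm>[^)]+)\) of user \d+ dumped core\.")
SEGFAULT_RE = re.compile(r"(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at \S+ ip \S+ sp \S+ error \d+ in (?P<obj>\S+)")

# Constructed sample excerpt: one tool crash reported by both the kernel and
# systemd-coredump, a second tool crash, and unrelated noise.
SAMPLE_LOG = """\
Jun 01 10:00:01 build01 kernel: c++filt[4242]: segfault at 7f3a1c005000 ip 000055d2c0a1b4c2 sp 00007ffd5a3c9f10 error 4 in c++filt[55d2c0a00000+2b000]
Jun 01 10:00:01 build01 systemd-coredump[4250]: Process 4242 (c++filt) of user 1000 dumped core.
Jun 01 10:00:07 build01 systemd-coredump[4311]: Process 4300 (nm) of user 1000 dumped core.
Jun 01 10:00:09 build01 systemd-coredump[4380]: Process 4370 (firefox) of user 1000 dumped core.
Jun 01 10:00:12 build01 sshd[1200]: Accepted publickey for ci from 10.0.0.5 port 51234
"""

def classify_line(line):
    """Return a finding for a crash of a watched demangling tool, else None."""
    m, obj = COREDUMP_RE.search(line), None
    if not m:
        m = SEGFAULT_RE.search(line)
        if not m:
            return None
        obj = m.group("obj")
    comm = m.group("comm")
    if comm not in DEMANGLER_PROCESSES:
        return None
    # binutils links libiberty statically, so a demangler fault lands in the
    # tool's own mapping (obj starts with the tool name) rather than a shared library.
    return {"pid": int(m.group("pid")), "process": comm, "object": obj,
            "fault_in_own_mapping": obj is not None and obj.startswith(comm + "[")}

def scan(lines):
    """Findings keyed by pid, merging the kernel and coredump records of one crash."""
    findings = {}
    for f in filter(None, map(classify_line, lines)):
        cur = findings.setdefault(f["pid"], f)
        if cur["object"] is None and f["object"] is not None:
            cur.update(object=f["object"], fault_in_own_mapping=f["fault_in_own_mapping"])
    return list(findings.values())

def crash_counts(findings):
    """Crashes per watched tool; a cluster on one tool is the alerting signal."""
    return Counter(f["process"] for f in findings)
```

Feed `scan()` lines from `journalctl -k` and the systemd-coredump unit; a burst of findings for one tool while it processes a particular input is the signal to triage that input and the installed libiberty build.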

Evidence notes

The supplied NVD record states that CVE-2016-4493 affects cpe:2.3:a:gnu:libiberty:* and assigns CVSS 3.0 vector AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H with CWE-125. The CVE description explicitly mentions an out-of-bounds read and crash in demangle_template_value_parm and do_hpacc_template_literal in cplus-dem.c. Supporting references in the corpus include an Openwall mailing-list advisory/patch thread, GCC Bugzilla issue 70926, and a gcc-patches post.

Official resources

Published in the CVE/NVD record on 2017-02-24; the supplied advisory and patch references date to 2016-05-05. The 2026-05-13 modification date in the source reflects database updates, not the original issue date.