https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675

Scott Gayou <sgayou at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |sgayou at redhat dot com

--- Comment #2 from Scott Gayou <sgayou at redhat dot com> ---
As Michael said, this seems to be one of a large number of duplicates.

At least CVE-2018-18484, CVE-2018-18701, and CVE-2018-18700 seems to be a
duplicates. I can only reproduce one of them via setting a lower ulimit -s, and
the crashes all appear to be in cp-demangle.c. The call flows are similar yet
slightly different. My guess is that a recursion limit would fix all of these
hence they are the same root issue.

If upstream agrees, the duplicate CVE assignments can potentially be rejected.
Let me know if anyone else has any evidence or arguments that these are
different -- it is possible I made a mistake in the analysis.

Reply via email to