CVE-2021-3530
7.5 HIGHA flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36
Published: 2021-06-02 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 7.5 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CWE
- CWE-674
Affected products
| Vendor | Product |
|---|---|
| gnu | binutils, ontap_select_deploy_administration_utility |
| netapp | binutils, ontap_select_deploy_administration_utility |
Description
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2021-3530
- [Other]https://bugzilla.redhat.com/show_bug.cgi?id=1956423
- [Other]https://security.gentoo.org/glsa/202208-30
- [Other]https://security.netapp.com/advisory/ntap-20210716-0006/
- [Patch]https://src.fedoraproject.org/rpms/binutils/blob/rawhide/f/binutils-CVE-2021-3530.patch
- [Other]https://bugzilla.redhat.com/show_bug.cgi?id=1956423
- [Other]https://security.gentoo.org/glsa/202208-30
- [Other]https://security.netapp.com/advisory/ntap-20210716-0006/
- [Patch]https://src.fedoraproject.org/rpms/binutils/blob/rawhide/f/binutils-CVE-2021-3530.patch
Related CVEs
Same vendor
- CVE-2026-42009 — A flaw was found in gnutls (7.5 HIGH)
- CVE-2026-42010 — A flaw was found in gnutls (7.1 HIGH)
- CVE-2026-3833 — A flaw was found in gnutls (6.5 MEDIUM)
- CVE-2026-3832 — A flaw was found in gnutls (3.7 LOW)
- CVE-2026-33845 — A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow ... (7.5 HIGH)
Same CWE
- CVE-2025-7010 — Stack overflow vulnerability due to uncontrolled recursion in Avast Antivirus when scanning a malformed PDF file may allow Denial-of-Serv... (5.5 MEDIUM)
- CVE-2025-7005 — Uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the anti... (5.5 MEDIUM)
- CVE-2026-4870 — IBM Qiskit SDK 0.43.0 through 2.5.0 could allow an attacker to trigger a segmentation fault leading to a denial of service due to uncontr... (7.5 HIGH)
- CVE-2026-48734 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.5 MEDIUM)
- CVE-2026-46557 — ImageMagick is free and open-source software used for editing and manipulating digital images (6.2 MEDIUM)