From: fus@plutonium24.de
To: gcc-help@gcc.gnu.org
Subject: determining impact of vulnerability CVE-2022-27943 in libiberty/rust-demangle.c
Date: Tue, 02 Aug 2022 18:11:26 +0200
Message-ID: <28f5239fb7e8c8f029104563393310dd@plutonium24.de>

The above-mentioned CVE (https://nvd.nist.gov/vuln/detail/CVE-2022-27943) just specifies GNU GCC 11.2 to be affected, but fails to explicitly specify that previous versions are not affected. Does this CVE only affect exactly GCC version 11.2?

And I would also like to know how I can determine whether or not I will be exposed to this vulnerability when using an affected version. Is the Rust demangler used internally by any C/C++ tools or will I only be affected when compiling Rust programs?

Regards
Frank