GMP: Buffer Overflow Vulnerability A buffer overflow vulnerability has been found in GMP which could result in denial of service. gmp 2023-09-29 2023-09-29 823804 remote 6.2.1-r2 6.2.1-r2

The GNU Multiple Precision Arithmetic Library is a library forarbitrary-precision arithmetic on different types of numbers.

There is an integer overflow leading to a buffer overflow when processing untrusted input via GMP's mpz_inp_raw function.

Untrusted input can cause a denial of service via segmentation fault.

Users can ensure no untrusted input is passed into GMP's mpz_inp_raw function.

All GMP users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/gmp-6.2.1-r2" CVE-2021-43618 ajak graaff