Gdb
by GNU
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-9778 | Med | 0.36 | 5.5 | 0.01 | Jun 21, 2017 | GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze… | ||
| CVE-2023-39129 | 0.00 | — | 0.00 | Jul 25, 2023 | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c. | |||
| CVE-2023-39130 | 0.00 | — | 0.00 | Jul 25, 2023 | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c. | |||
| CVE-2023-39128 | 0.00 | — | 0.00 | Jul 25, 2023 | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c. | |||
| CVE-2019-1010180 | 0.00 | — | 0.03 | Jul 24, 2019 | GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not… | |||
| CVE-2011-4355 | 0.00 | — | 0.00 | Mar 5, 2013 | GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts. | |||
| CVE-2006-4146 | 0.00 | — | 0.03 | Aug 31, 2006 | Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large… | |||
| CVE-2005-1704 | 0.00 | — | 0.01 | May 24, 2005 | Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a… | |||
| CVE-2005-1705 | 0.00 | — | 0.00 | May 24, 2005 | gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb. |
- risk 0.36cvss 5.5epss 0.01
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze…
- CVE-2023-39129Jul 25, 2023risk 0.00cvss —epss 0.00
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.
- CVE-2023-39130Jul 25, 2023risk 0.00cvss —epss 0.00
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
- CVE-2023-39128Jul 25, 2023risk 0.00cvss —epss 0.00
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.
- CVE-2019-1010180Jul 24, 2019risk 0.00cvss —epss 0.03
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not…
- CVE-2011-4355Mar 5, 2013risk 0.00cvss —epss 0.00
GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.
- CVE-2006-4146Aug 31, 2006risk 0.00cvss —epss 0.03
Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large…
- CVE-2005-1704May 24, 2005risk 0.00cvss —epss 0.01
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a…
- CVE-2005-1705May 24, 2005risk 0.00cvss —epss 0.00
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.