CVSS2: 5.1 Medium
Attack Vector: NETWORK
Attack Complexity: HIGH
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
EPSS: 0.005 Low
Percentile: 75.5%

CentOS Errata and Security Advisory CESA-2007:0469

GDB, the GNU debugger, allows debugging of programs written in C, C++, and
other languages by executing them in a controlled fashion and then printing
their data.

Various buffer overflows and underflows were found in the DWARF expression
computation stack in GDB. If an attacker could trick a user into loading
an executable containing malicious debugging information into GDB, they may
be able to execute arbitrary code with the privileges of the user.
(CVE-2006-4146)

This updated package also addresses the following issues:

- Support shared library debuginfo larger than 2GB on 64-bit hosts.
- Fix a race that occasionally left detached processes stopped.
- Fix a segmentation fault in the source display triggered by ^X 1.
- Fix a crash on an opaque type dereference.

All users of gdb should upgrade to this updated package, which contains
backported patches to resolve these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-June/076059.html
https://lists.centos.org/pipermail/centos-announce/2007-June/076064.html
https://lists.centos.org/pipermail/centos-announce/2007-June/076080.html
https://lists.centos.org/pipermail/centos-announce/2007-June/076081.html
Affected packages:
gdb
Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0469
OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
CentOS | 3 | ia64 | gdb | < 6.3.0.0-1.138.el3 | gdb-6.3.0.0-1.138.el3.ia64.rpm |
CentOS | 3 | s390 | gdb | < 6.3.0.0-1.138.el3 | gdb-6.3.0.0-1.138.el3.s390.rpm |
CentOS | 3 | s390x | gdb | < 6.3.0.0-1.138.el3 | gdb-6.3.0.0-1.138.el3.s390x.rpm |
CentOS | 3 | i386 | gdb | < 6.3.0.0-1.138.el3 | gdb-6.3.0.0-1.138.el3.i386.rpm |
CentOS | 3 | x86_64 | gdb | < 6.3.0.0-1.138.el3 | gdb-6.3.0.0-1.138.el3.x86_64.rpm |