Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2026-1307)

🗓️ 16 Mar 2026 00:00:00Reported by Copyright (C) 2026 Greenbone AGType 
openvas
 openvas🔗 plugins.openvas.org👁 3 Views

Huawei EulerOS security advisory for the GNU Debugger requiring update and vulnerability checks.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Security vulnerabilities found in the Red Hat Universal Minimal Base Image shipped with CICS Transaction Gateway for Multiplatforms
5 Mar 202613:53
ibm
IBM Security Bulletins		Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
28 Jan 202615:42
ibm
IBM Security Bulletins		Security Bulletin: Muliple security vulnerabilities found in TXSeries for Multiplatforms.
22 Apr 202614:18
ibm
IBM Security Bulletins		Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
5 Feb 202612:52
ibm
ATTACKERKB		CVE-2025-11840
16 Oct 202515:32
attackerkb
Tenable Nessus		Amazon Linux 2023 : binutils, binutils-devel, binutils-gprofng (ALAS2023-2025-1301)
9 Dec 202500:00
nessus
Tenable Nessus		AlmaLinux 10 : binutils (ALSA-2025:23306)
23 Dec 202500:00
nessus
Tenable Nessus		AlmaLinux 9 : gcc-toolset-13-binutils (ALSA-2025:23336)
23 Dec 202500:00
nessus
Tenable Nessus		AlmaLinux 9 : binutils (ALSA-2025:23343)
23 Dec 202500:00
nessus
Tenable Nessus		AlmaLinux 8 : binutils (ALSA-2025:23382)
22 Dec 202500:00
nessus
Rows per page
# SPDX-FileCopyrightText: 2026 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.2.2026.1307");
  script_cve_id("CVE-2025-11082", "CVE-2025-11083", "CVE-2025-11412", "CVE-2025-11494", "CVE-2025-11840");
  script_tag(name:"creation_date", value:"2026-03-16 05:12:13 +0000 (Mon, 16 Mar 2026)");
  script_version("2026-03-16T06:13:25+0000");
  script_tag(name:"last_modification", value:"2026-03-16 06:13:25 +0000 (Mon, 16 Mar 2026)");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:S/C:P/I:P/A:P");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2025-10-03 16:52:47 +0000 (Fri, 03 Oct 2025)");

  script_name("Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2026-1307)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2026 Greenbone AG");
  script_family("Huawei EulerOS Local Security Checks");
  script_dependencies("gb_huawei_euleros_consolidation.nasl");
  script_mandatory_keys("ssh/login/euleros", "ssh/login/rpms", re:"ssh/login/release=EULEROS\-2\.0SP10\-X86_64");

  script_xref(name:"Advisory-ID", value:"EulerOS-SA-2026-1307");
  script_xref(name:"URL", value:"https://developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html?secId=EulerOS-SA-2026-1307");

  script_tag(name:"summary", value:"The remote host is missing an update for the Huawei EulerOS 'gdb' package(s) announced via the EulerOS-SA-2026-1307 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with '[f]ixed for 2.46'.(CVE-2025-11083)

A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a. A patch should be applied to remediate this issue.(CVE-2025-11494)

A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71e4a392cbca8. A patch should be applied to remediate this issue. The code maintainer replied with '[f]ixed for 2.46'.(CVE-2025-11082)

A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd988a3975d40c6626a8f739a0b2e154bc. To fix this issue, it is recommended to deploy a patch.(CVE-2025-11412)

A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be exploited. This patch is called 16357. It is best practice to apply a patch to resolve this issue.(CVE-2025-11840)");

  script_tag(name:"affected", value:"'gdb' package(s) on Huawei EulerOS V2.0SP10(x86_64).");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "EULEROS-2.0SP10-x86_64") {

  if(!isnull(res = isrpmvuln(pkg:"gdb", rpm:"gdb~9.2~1.h10.eulerosv2r10", rls:"EULEROS-2.0SP10-x86_64"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"gdb-headless", rpm:"gdb-headless~9.2~1.h10.eulerosv2r10", rls:"EULEROS-2.0SP10-x86_64"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"gdb-help", rpm:"gdb-help~9.2~1.h10.eulerosv2r10", rls:"EULEROS-2.0SP10-x86_64"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
16 Mar 2026 00:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS 3.15.3 - 7.8
CVSS 24.3
CVSS 44.8
CVSS 35.3
EPSS0.00037
SSVC
Huawei EulerOSGNU Debuggersecurity advisoryvulnerable versionsupdate required
3