5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
69.6%
GDB, the GNU debugger, allows debugging of programs written in C, C++, and
other languages by executing them in a controlled fashion and then printing
their data.
Various buffer overflows and underflows were found in the DWARF expression
computation stack in GDB. If an attacker could trick a user into loading
an executable containing malicious debugging information into GDB, they may
be able to execute arbitrary code with the privileges of the user.
(CVE-2006-4146)
This updated package also addresses the following issues:
Support on 64-bit hosts shared libraries debuginfo larger than 2GB.
Fix a race occasionally leaving the detached processes stopped.
Fix segmentation fault on the source display by ^X 1.
Fix a crash on an opaque type dereference.
All users of gdb should upgrade to this updated package, which contains
backported patches to resolve these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 3 | s390 | gdb | < 6.3.0.0-1.138.el3 | gdb-6.3.0.0-1.138.el3.s390.rpm |