9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.026 Low
EPSS
Percentile
90.1%
Hanno Böck discovered that gdb incorrectly handled certain malformed AOUT
headers in PE executables. If a user or automated system were tricked into
processing a specially crafted binary, a remote attacker could use this
issue to cause gdb to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS.
(CVE-2014-8501)
It was discovered that gdb incorrectly handled printing bad bytes in Intel
Hex objects. If a user or automated system were tricked into processing a
specially crafted binary, a remote attacker could use this issue to cause
gdb to crash, resulting in a denial of service. This issue only applied to
Ubuntu 14.04 LTS. (CVE-2014-9939)
It was discovered that gdb incorrectly handled certain string operations.
If a user or automated system were tricked into processing a specially
crafted binary, a remote attacker could use this issue to cause gdb to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2016-2226)
It was discovered that gdb incorrectly handled parsing certain binaries. If
a user or automated system were tricked into processing a specially crafted
binary, a remote attacker could use this issue to cause gdb to crash,
resulting in a denial of service. This issue only applied to Ubuntu 14.04
LTS and Ubuntu 16.04 LTS. (CVE-2016-4487, CVE-2016-4488, CVE-2016-4489,
CVE-2016-4490, CVE-2016-4492, CVE-2016-4493, CVE-2016-6131)
It was discovered that gdb incorrectly handled parsing certain binaries. If
a user or automated system were tricked into processing a specially crafted
binary, a remote attacker could use this issue to cause gdb to crash,
resulting in a denial of service. (CVE-2016-4491)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 17.04 | noarch | gdb | < 7.12.50.20170314-0ubuntu1.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | gdb-dbg | < 7.12.50.20170314-0ubuntu1.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | gdb-dbgsym | < 7.12.50.20170314-0ubuntu1.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | gdb-doc | < 7.12.50.20170314-0ubuntu1.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | gdb-multiarch | < 7.12.50.20170314-0ubuntu1.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | gdb-multiarch-dbgsym | < 7.12.50.20170314-0ubuntu1.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | gdb-source | < 7.12.50.20170314-0ubuntu1.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | gdbserver | < 7.12.50.20170314-0ubuntu1.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | gdbserver-dbgsym | < 7.12.50.20170314-0ubuntu1.1 | UNKNOWN |
Ubuntu | 16.04 | noarch | gdb | < 7.11.1-0ubuntu1~16.5 | UNKNOWN |
ubuntu.com/security/CVE-2014-8501
ubuntu.com/security/CVE-2014-9939
ubuntu.com/security/CVE-2016-2226
ubuntu.com/security/CVE-2016-4487
ubuntu.com/security/CVE-2016-4488
ubuntu.com/security/CVE-2016-4489
ubuntu.com/security/CVE-2016-4490
ubuntu.com/security/CVE-2016-4491
ubuntu.com/security/CVE-2016-4492
ubuntu.com/security/CVE-2016-4493
ubuntu.com/security/CVE-2016-6131
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.026 Low
EPSS
Percentile
90.1%