system/gdb: multiple vulnerabilities
| Bugzilla ID | 214 |
| Alias(es) | CVE-2018-12934, CVE-2019-1010180 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2019-10-16 17:04:30 -0500 |
| Modified | 2020-06-22 05:58:30 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA4 |
| Hardware | Adélie Linux / All |
| Importance | --- / minor |
| Package(s) | system/binutils |
| URL | https://nvd.nist.gov/vuln/detail/CVE-2019-1010180 |
| See also | https://sourceware.org/bugzilla/show_bug.cgi?id=23657 |
Description
CVE-2019-1010180: https://nvd.nist.gov/vuln/detail/CVE-2019-1010180
GNU gdb All versions is affected by: Buffer Overflow - Out of bound
memory access. The impact is: Deny of Service, Memory Disclosure, and
Possible Code Execution. The component is: The main gdb module. The
attack vector is: Open an ELF for debugging. The fixed version is: Not
fixed yet.
Note: NVD states it affects GDB, but upstream appears to be fixing it in BFD.