system/gdb: multiple vulnerabilities
Bugzilla ID | 214 |
Alias(es) | CVE-2018-12934, CVE-2019-1010180 |
Reporter | Max Rees (sroracle) |
Assignee | Max Rees (sroracle) |
Reported | 2019-10-16 17:04:30 -0500 |
Modified | 2020-06-22 05:58:30 -0500 |
Status | CONFIRMED |
Version | 1.0-BETA4 |
Hardware | Adélie Linux / All |
Importance | --- / minor |
Package(s) | system/binutils |
URL | https://nvd.nist.gov/vuln/detail/CVE-2019-1010180 |
See also | https://sourceware.org/bugzilla/show_bug.cgi?id=23657 |
Description
CVE-2019-1010180: https://nvd.nist.gov/vuln/detail/CVE-2019-1010180
GNU gdb All versions is affected by: Buffer Overflow - Out of bound
memory access. The impact is: Deny of Service, Memory Disclosure, and
Possible Code Execution. The component is: The main gdb module. The
attack vector is: Open an ELF for debugging. The fixed version is: Not
fixed yet.
Note: NVD states it affects GDB, but upstream appears to be fixing it in BFD.