Buffer Overflow Vulnerability in GNU gdb Affects All Versions
CVE-2019-1010180

7.8HIGH

Key Information:

Vendor: Gnu
Status: Gdb
Vendor: CVE Published:; 24 July 2019

What is CVE-2019-1010180?

GNU gdb, the widely used debugger, is susceptible to a buffer overflow vulnerability that leads to out-of-bounds memory access. This exploit manifests when an ELF file is opened for debugging, potentially resulting in a denial of service and memory disclosure. Additionally, there is a risk of arbitrary code execution, further compromising system integrity. As of now, no fix has been released for this issue, highlighting an urgent need for users to remain vigilant.

Affected Version(s)

gdb All versions (At least as of date 2018-09-16)

References

https://sourceware.org/bugzilla/show_bug.cgi?id=23657

x_refsource_MISC

http://www.securityfocus.com/bid/109367

vdb-entryx_refsource_BID

http://lists.opensuse.org/opensuse-security-announce/2019...

vendor-advisoryx_refsource_SUSE

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 24, 2019
Vulnerability Reserved
Mar 20, 2019

Gnu

What is CVE-2019-1010180?

Affected Version(s)

References

CVSS V3.1

Timeline