Buffer Overflow Vulnerability in GNU gdb Affects All Versions
CVE-2019-1010180

7.8HIGH

Key Information:

Vendor
Gnu
Status
Gdb
Vendor
CVE Published:
24 July 2019

Summary

GNU gdb, the widely used debugger, is susceptible to a buffer overflow vulnerability that leads to out-of-bounds memory access. This exploit manifests when an ELF file is opened for debugging, potentially resulting in a denial of service and memory disclosure. Additionally, there is a risk of arbitrary code execution, further compromising system integrity. As of now, no fix has been released for this issue, highlighting an urgent need for users to remain vigilant.

Affected Version(s)

gdb All versions (At least as of date 2018-09-16)

References

https://sourceware.org/bugzilla/show_bug.cgi?id=23657
x_refsource_MISC
http://www.securityfocus.com/bid/109367
vdb-entryx_refsource_BID
http://lists.opensuse.org/opensuse-security-announce/2019...
vendor-advisoryx_refsource_SUSE

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.