Stack Overflow Vulnerability in GNU gdb Version 13.0.50
CVE-2023-39128

5.5MEDIUM

Key Information:

Vendor: Gnu
Status: Gdb
Vendor: CVE Published:; 25 July 2023

What is CVE-2023-39128?

GNU gdb version 13.0.50.20220805-git has been identified to contain a stack overflow vulnerability in the ada_decode function located in /gdb/ada-lang.c. This flaw can potentially allow an attacker to exploit the stack overflow, which may lead to unexpected behavior or crash of the application, compromising system integrity. Users are urged to update to the latest version to mitigate any risks associated with this vulnerability.

References

https://sourceware.org/bugzilla/show_bug.cgi?id=30639

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2023
Vulnerability Reserved
Jul 25, 2023

Gnu

What is CVE-2023-39128?

References

CVSS V3.1

Timeline