PT-2019-3232 · Gnu+4 · Gnu Gdb+4

Jun

·

Published

2019-07-24

·

Updated

2024-06-15

·

CVE-2019-1010180

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions GNU gdb All versions
Description The issue is related to a buffer overflow due to out-of-bounds memory access in the main gdb module. This can be exploited by opening a specially crafted ELF file for debugging, potentially leading to denial of service, memory disclosure, and possible code execution. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.
Recommendations For GNU gdb All versions: At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the use of the gdb module to minimize the risk of exploitation, especially when opening ELF files for debugging. Avoid using the gdb module with untrusted or unknown ELF files until the issue is resolved.

Exploit

Buffer Overflow

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-125

Related Identifiers

ALT-PU-2020-3149
ALT-PU-2020-3161
ALT-PU-2020-3365
BDU:2019-03222
CESA-2020_1635
CVE-2019-1010180
MGASA-2020-0239
OESA-2022-2002
OPENSUSE-SU-2019:2415-1
OPENSUSE-SU-2019:2432-1
OPENSUSE-SU-2019:2493-1
OPENSUSE-SU-2019:2494-1
OPENSUSE-SU-2019_2415-1
OPENSUSE-SU-2019_2432-1
OPENSUSE-SU-2019_2493-1
OPENSUSE-SU-2019_2494-1
OPENSUSE-SU-2024:10651-1
OPENSUSE-SU-2024:10778-1
RHSA-2020:1635
RHSA-2020_1635
SUSE-SU-2019:14207-1
SUSE-SU-2019:2650-1
SUSE-SU-2019:2779-1
SUSE-SU-2019:2780-1
SUSE-SU-2019:2902-1
SUSE-SU-2019:2913-1
SUSE-SU-2019:2914-1
SUSE-SU-2019:2916-1
SUSE-SU-2019_2902-1
SUSE-SU-2019_2913-1
SUSE-SU-2019_2914-1
SUSE-SU-2019_2916-1

Affected Products

Alt Linux
Centos
Gnu Gdb
Red Hat
Suse