Search CVE reports

1 – 10 of 25 results

Detailed view

Sort by:

CVE-2023-39130

Low priority

Some fixes available 4 of 5

GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.

1 affected packages

gdb

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gdb	Not affected	Fixed	Fixed	Fixed	Fixed

CVE-2023-39129

Low priority

Some fixes available 4 of 5

GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.

1 affected packages

gdb

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gdb	Not affected	Fixed	Fixed	Fixed	Fixed

CVE-2023-39128

Low priority

Some fixes available 4 of 5

GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.

1 affected packages

gdb

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gdb	Not affected	Fixed	Fixed	Fixed	Fixed

CVE-2023-1972

Low priority

Some fixes available 9 of 11

A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.

2 affected packages

binutils, gdb

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	Fixed	Fixed	Not affected	Not affected	Not affected
gdb	Not affected	Fixed	Fixed	Fixed	Fixed

CVE-2022-4285

Low priority

Some fixes available 5 of 15

An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.

3 affected packages

binutils, binutils-avr, gdb

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	Not affected	Fixed	Not affected	Not affected	Not affected
binutils-avr	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gdb	Not affected	Fixed	Fixed	Fixed	Fixed

CVE-2021-3826

Low priority

Vulnerable

Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.

51 affected packages

binutils, gcc-10, gcc-11, gcc-12, gcc-13...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-10	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-11	Vulnerable	Vulnerable	Not in release	Not in release	Not in release
gcc-12	Not affected	Not affected	Not in release	Ignored	Ignored
gcc-13	Not affected	Not in release	Not in release	Ignored	Ignored
gcc-3.3	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-4.4	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-4.6	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-4.7	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.7-armel-cross	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.7-armhf-cross	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.8	Not in release	Not in release	Not in release	Not affected	Not affected
gcc-4.8-arm64-cross	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.8-armhf-cross	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.8-powerpc-cross	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.8-ppc64el-cross	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.9	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-5	Not in release	Not in release	Not in release	Not affected	Not affected
gcc-5-cross	Not in release	Not in release	Not in release	Not affected	Not affected
gcc-6	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-6-cross	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-6-cross-ports	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-7	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-7-cross	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-7-cross-ports	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-8	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-8-cross	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-8-cross-ports	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-9	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-9-cross	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-9-cross-ports	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-arm-linux-androideabi	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-arm-none-eabi	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-avr	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-defaults	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-defaults-arm64-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-armel-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-armhf-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-powerpc-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-ppc64el-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-h8300-hms	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-i686-linux-android	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-m68hc1x	Not in release	Not affected	Not affected	Not affected	Not affected
gcc-mingw-w64	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-msp430	Not in release	Not affected	Not affected	Not affected	Not affected
gcc-opt	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-snapshot	Not affected	Not affected	Not affected	Not affected	Not affected
gccgo-4.9	Not in release	Not in release	Not in release	Not in release	Not in release
gccgo-6	Not in release	Not in release	Not in release	Not in release	Not affected
gdb	Not affected	Not affected	Not affected	Needs evaluation	Needs evaluation
libiberty	Not affected	Vulnerable	Not affected	Not affected	Not affected

CVE-2022-27943

Low priority

Vulnerable

libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.

52 affected packages

binutils, crash, gcc-10, gcc-11, gcc-12...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	Not affected	Vulnerable	Not affected	Not affected	Not affected
crash	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-10	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-11	Vulnerable	Vulnerable	Not in release	Not in release	Not in release
gcc-12	Vulnerable	Vulnerable	Not in release	Not in release	Not in release
gcc-13	Not affected	Not in release	Not in release	Not in release	Not in release
gcc-3.3	Not affected	Not affected	Not affected	Not affected	Needs evaluation
gcc-4.4	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-4.6	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-4.7	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.7-armel-cross	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.7-armhf-cross	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.8	Not in release	Not in release	Not in release	Not affected	Not affected
gcc-4.8-arm64-cross	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.8-armhf-cross	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.8-powerpc-cross	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.8-ppc64el-cross	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.9	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-5	Not in release	Not in release	Not in release	Not affected	Not affected
gcc-5-cross	Not in release	Not in release	Not in release	Not affected	Not affected
gcc-6	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-6-cross	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-6-cross-ports	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-7	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-7-cross	Not in release	Not in release	Not in release	Needs evaluation	Not in release
gcc-7-cross-ports	Not in release	Not in release	Not in release	Needs evaluation	Not in release
gcc-8	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-8-cross	Not in release	Not in release	Needs evaluation	Needs evaluation	Not in release
gcc-8-cross-ports	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-9	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-9-cross	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-9-cross-ports	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-arm-linux-androideabi	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-arm-none-eabi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-avr	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-defaults	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-defaults-arm64-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-armel-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-armhf-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-powerpc-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-ppc64el-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-h8300-hms	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-i686-linux-android	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-m68hc1x	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-mingw-w64	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-msp430	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-opt	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-snapshot	Not affected	Ignored	Ignored	Not affected	Not affected
gccgo-4.9	Not in release	Not in release	Not in release	Not in release	Not in release
gccgo-6	Not in release	Not in release	Not in release	Not in release	Not affected
gdb	Not affected	Vulnerable	Not affected	Not affected	Not affected
libiberty	Not affected	Vulnerable	Not affected	Not affected	Not affected

CVE-2021-3530

Low priority

Vulnerable

A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.

3 affected packages

binutils, gdb, libiberty

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	Not affected	Not affected	Not affected	Not affected	Not affected
gdb	Not affected	Vulnerable	Not affected	Not affected	Not affected
libiberty	Not affected	Vulnerable	Not affected	Not affected	Not affected

CVE-2019-1010180

Low priority

Vulnerable

GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open...

1 affected packages

gdb

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gdb	Not affected	Not affected	Not affected	Vulnerable	Vulnerable

CVE-2017-9778

Low priority

Vulnerable

GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This...

1 affected packages

gdb

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gdb	Not affected	Not affected	Not affected	Vulnerable	Vulnerable

Export to JSON

Results by page: