CVE-2006-4146

CWE-119 — Buffer Overflow9 documents8 sources

Severity

5.1MEDIUM

EPSS

1.3%

top 20.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU GDB

Timeline

PublishedAug 31

Latest updateMay 3

Description

Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages2 packages

▶Debiangdb< 7.3-1+3

▶NVDgnu/gdb6.5

Patches

Patch: bugzilla.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-63cf-4m5h-x542: Buffer overflow in the (1) DWARF (dwarfread↗2022-05-03

▶

OSV

CVE-2006-4146: Buffer overflow in the (1) DWARF (dwarfread↗2006-08-31

▶

CVEList

CVE-2006-4146: Buffer overflow in the (1) DWARF (dwarfread↗2006-08-31

▶

📋Vendor Advisories

Ubuntu

gdb vulnerability↗2006-10-02

▶

Red Hat

GDB buffer overflow↗2006-08-31

▶

Debian

CVE-2006-4146: gdb - Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) deb...↗2006

▶

💬Community

Bugzilla

CVE-2006-4146 GDB buffer overflow↗2007-03-29

▶

Bugzilla

CVE-2006-4146 GDB buffer overflow↗2006-08-24

▶