CVE-2017-9778
published 2017-06-21CVE-2017-9778: GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause…
medium5.5CVSS 3.0
AVLACLPRNUIRSUCNINAH
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gdb | < gdb 8.3.1-1 (bookworm) | gdb 8.3.1-1 (bookworm) |
| gnu | gdb | <= 8.0 | — |
| gnu | gdb | >= 0 < 8.3.1-1 | 8.3.1-1 |
| gnu | gdb | >= 0 < 8.3.1-1 | 8.3.1-1 |
| gnu | gdb | >= 0 < 8.3.1-1 | 8.3.1-1 |
| gnu | gdb | >= 0 < 8.3.1-1 | 8.3.1-1 |
CVSS provenance
nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv5.5MEDIUM