
Mageia 9: MGASA-2024-0246 Moderate: GDB Memory Issues and Threats

Mageia, July 1, 2024
Updated gdb packages for Mageia 9 fix five memory-handling vulnerabilities (CVE-2022-4285, CVE-2023-1972, CVE-2023-39128, CVE-2023-39129, CVE-2023-39130). Prompt attention is recommended.

Summary

- CVE-2022-4285: An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.

- CVE-2023-1972: A potential heap-based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.

- CVE-2023-39128: GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.

- CVE-2023-39129: GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.

- CVE-2023-39130: GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.

References

- https://bugs.mageia.org/show_bug.cgi?id=33319

- https://ubuntu.com/security/notices/USN-6842-1

- https://www.cve.org/CVERecord?id=CVE-2022-4285

- https://www.cve.org/CVERecord?id=CVE-2023-1972

- https://www.cve.org/CVERecord?id=CVE-2023-39128

- https://www.cve.org/CVERecord?id=CVE-2023-39129

- https://www.cve.org/CVERecord?id=CVE-2023-39130

Resolution

SRPMS

- 9/core/gdb-12.1-7.1.mga9

Publication date: 01 Jul 2024
URL: https://advisories.mageia.org/MGASA-2024-0246.html
Type: security
CVE: CVE-2022-4285, CVE-2023-1972, CVE-2023-39128, CVE-2023-39129, CVE-2023-39130
