VulnerableCode Package Details - pkg:deb/ubuntu/gdb@7.99.90.20170502-0ubuntu1

Search for packages

Vulnerability	Summary	Fixed by
VCID-7hwq-kpsv-aaak Aliases: CVE-2019-1010180	GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.	8.3-0ubuntu1 Affected by 0 other vulnerabilities.
VCID-msks-vp54-aaar Aliases: CVE-2016-4491	The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once."	8.0-0ubuntu3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-7hwq-kpsv-aaak
Aliases:
CVE-2019-1010180

GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.

8.3-0ubuntu1
Affected by 0 other vulnerabilities.

VCID-msks-vp54-aaar
Aliases:
CVE-2016-4491

The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once."

8.0-0ubuntu3
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-1uw9-7g8r-aaan	Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths.	CVE-2016-4490
VCID-b4vs-s3v7-aaan	Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec."	CVE-2016-4487
VCID-gg7p-bvwe-aaaa	The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary.	CVE-2016-4493
VCID-n479-3mn6-aaac	Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary.	CVE-2016-4492
VCID-nzvx-gfxd-aaaf	Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow.	CVE-2016-2226
VCID-rezr-4az6-aaac	Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec."	CVE-2016-4488
VCID-vmu4-tejr-aaan	The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.	CVE-2016-6131
VCID-z73b-k7gs-aaab	ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects.	CVE-2014-9939
VCID-zs3h-m8bp-aaah	Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables."	CVE-2016-4489

Vulnerability

Summary

Aliases

VCID-1uw9-7g8r-aaan

Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths.

CVE-2016-4490

VCID-b4vs-s3v7-aaan

Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec."

CVE-2016-4487

VCID-gg7p-bvwe-aaaa

The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary.

CVE-2016-4493

VCID-n479-3mn6-aaac

Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary.

CVE-2016-4492

VCID-nzvx-gfxd-aaaf

Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow.

CVE-2016-2226

VCID-rezr-4az6-aaac

Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec."

CVE-2016-4488

VCID-vmu4-tejr-aaan

The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.

CVE-2016-6131

VCID-z73b-k7gs-aaab

ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects.

CVE-2014-9939

VCID-zs3h-m8bp-aaah

Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables."

CVE-2016-4489

Next non-vulnerable version	8.3-0ubuntu1
Latest non-vulnerable version	8.3-0ubuntu1
Risk	3.5