Your submission was sent successfully! Close

CVE-2017-9778

Published: 21 June 2017

GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
gdb
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 21.10 (Impish Indri) Needed

Ubuntu 21.04 (Hirsute Hippo) Needed

Ubuntu 20.04 LTS (Focal Fossa) Needed

Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 ESM (Xenial Xerus) Needed

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was needed)
Patches:
Upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=723adb650a31859d7cc45832cb8adca0206455ed