GDB, the GNU debugger, allows debugging of programs written in C, C++, and
other languages by executing them in a controlled fashion and then printing
their data.
Various buffer overflows and underflows were found in the DWARF expression
computation stack in GDB. If an attacker could trick a user into loading
an executable containing malicious debugging information into GDB, they may
be able to execute arbitrary code with the privileges of the user.
(CVE-2006-4146)
This updated package also addresses the following issues:
Support on 64-bit hosts shared libraries debuginfo larger than 2GB.
Fix a race occasionally leaving the detached processes stopped.
Fix segmentation fault on the source display by ^X 1.
Fix a crash on an opaque type dereference.
All users of gdb should upgrade to this updated package, which contains
backported patches to resolve these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 3 | s390 | gdb | < 6.3.0.0-1.138.el3 | gdb-6.3.0.0-1.138.el3.s390.rpm |