{"id":"MGASA-2018-0034","summary":"Updated gdb packages fix security vulnerability","details":"Hanno Böck discovered that gdb incorrectly handled certain malformed AOUT\nheaders in PE executables. If a user or automated system were tricked into\nprocessing a specially crafted binary, a remote attacker could use this\nissue to cause gdb to crash, resulting in a denial of service, or possibly\nexecute arbitrary code (CVE-2014-8501).\n\nIt was discovered that gdb incorrectly handled printing bad bytes in Intel\nHex objects. If a user or automated system were tricked into processing a\nspecially crafted binary, a remote attacker could use this issue to cause\ngdb to crash, resulting in a denial of service (CVE-2014-9939).\n\nIt was discovered that gdb incorrectly handled certain string operations.\nIf a user or automated system were tricked into processing a specially\ncrafted binary, a remote attacker could use this issue to cause gdb to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode (CVE-2016-2226).\n\nIt was discovered that gdb incorrectly handled parsing certain binaries.\nIf a user or automated system were tricked into processing a specially\ncrafted binary, a remote attacker could use this issue to cause gdb to\ncrash, resulting in a denial of service (CVE-2016-4487, CVE-2016-4488,\nCVE-2016-4489, CVE-2016-4490, CVE-2016-4491, CVE-2016-4492, CVE-2016-4493,\nCVE-2016-6131).\n","modified":"2026-04-16T06:24:53.724951923Z","published":"2018-01-03T14:22:14Z","upstream":["CVE-2014-8501","CVE-2014-9939","CVE-2016-2226","CVE-2016-4487","CVE-2016-4488","CVE-2016-4489","CVE-2016-4490","CVE-2016-4491","CVE-2016-4492","CVE-2016-4493","CVE-2016-6131"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0034.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21376"},{"type":"WEB","url":"https://usn.ubuntu.com/usn/usn-3367-1/"}],"affected":[{"package":{"name":"gdb","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/gdb?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.8.1-7.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0034.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}