{"id":"UBUNTU-CVE-2023-1972","details":"A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.","modified":"2026-04-22T14:00:57.422203Z","published":"2023-04-12T00:00:00Z","related":["USN-6101-1","USN-6842-1"],"upstream":["CVE-2023-1972"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-1972"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-1972"},{"type":"REPORT","url":"https://sourceware.org/git/?p=binutils-gdb.git;a=blobdiff;f=bfd/elf.c;h=185028cbd97ae0901c4276c8a4787b12bb75875a;hp=027d01437352555bc4ac0717cb0486c751a7775d;hb=c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57;hpb=f2f9bde5cde7ff34ed0a4c4682a211d402aa1086"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6101-1"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2023-1972"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6842-1"}],"affected":[{"package":{"name":"gdb","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/gdb@7.11.1-0ubuntu1~16.5+esm1?arch=source&distro=esm-infra/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.11.1-0ubuntu1~16.5+esm1"}]}],"versions":["7.10-1ubuntu2","7.10-1ubuntu3","7.10.1-0ubuntu1","7.10.90.20160215-0ubuntu2","7.10.90.20160220-0ubuntu1","7.11-0ubuntu1","7.11.1-0ubuntu1~16.04","7.11.1-0ubuntu1~16.5"],"ecosystem_specific":{"binaries":[{"binary_name":"gdb","binary_version":"7.11.1-0ubuntu1~16.5+esm1"},{"binary_name":"gdb-multiarch","binary_version":"7.11.1-0ubuntu1~16.5+esm1"},{"binary_name":"gdb-source","binary_version":"7.11.1-0ubuntu1~16.5+esm1"},{"binary_name":"gdb64","binary_version":"7.11.1-0ubuntu1~16.5+esm1"},{"binary_name":"gdbserver","binary_version":"7.11.1-0ubuntu1~16.5+esm1"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-1972.json"}},{"package":{"name":"gdb","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/gdb@8.1.1-0ubuntu1+esm1?arch=source&distro=esm-infra/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1.1-0ubuntu1+esm1"}]}],"versions":["8.0.1-0ubuntu1","8.0.1-0ubuntu2","8.0.1-0ubuntu3","8.1-0ubuntu1","8.1-0ubuntu2","8.1-0ubuntu3","8.1-0ubuntu3.1","8.1-0ubuntu3.2","8.1.1-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"gdb","binary_version":"8.1.1-0ubuntu1+esm1"},{"binary_name":"gdb-multiarch","binary_version":"8.1.1-0ubuntu1+esm1"},{"binary_name":"gdb-source","binary_version":"8.1.1-0ubuntu1+esm1"},{"binary_name":"gdbserver","binary_version":"8.1.1-0ubuntu1+esm1"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-1972.json"}},{"package":{"name":"gdb","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/gdb@9.2-0ubuntu1~20.04.2?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.2-0ubuntu1~20.04.2"}]}],"versions":["8.3-0ubuntu1","9.0.50.20191019-0ubuntu1","9.0.50.20191119-0ubuntu1","9.0.90.20191216-0ubuntu1","9.0.90.20200105-0ubuntu1","9.0.90.20200117-0ubuntu1","9.1-0ubuntu1","9.2-0ubuntu1~20.04","9.2-0ubuntu1~20.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"gdb","binary_version":"9.2-0ubuntu1~20.04.2"},{"binary_name":"gdb-multiarch","binary_version":"9.2-0ubuntu1~20.04.2"},{"binary_name":"gdb-source","binary_version":"9.2-0ubuntu1~20.04.2"},{"binary_name":"gdbserver","binary_version":"9.2-0ubuntu1~20.04.2"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-1972.json"}},{"package":{"name":"binutils","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/binutils@2.38-4ubuntu2.2?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38-4ubuntu2.2"}]}],"versions":["2.37-7ubuntu1","2.37-9ubuntu1","2.37-10ubuntu1","2.37.50.20220106-2ubuntu1","2.37.90.20220126-0ubuntu1","2.37.90.20220130-0ubuntu2","2.38-1ubuntu1","2.38-2ubuntu1","2.38-3ubuntu1","2.38-4ubuntu2","2.38-4ubuntu2.1"],"ecosystem_specific":{"binaries":[{"binary_name":"binutils","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-aarch64-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-alpha-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-arm-linux-gnueabi","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-arm-linux-gnueabihf","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-common","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-for-build","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-for-host","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-hppa-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-hppa64-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-i686-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-i686-kfreebsd-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-i686-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-ia64-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-m68k-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-multiarch","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-powerpc-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-powerpc64-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-powerpc64le-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-riscv64-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-s390x-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-sh4-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-source","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-sparc64-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-x86-64-kfreebsd-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-x86-64-linux-gnu","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"binutils-x86-64-linux-gnux32","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"libbinutils","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"libctf-nobfd0","binary_version":"2.38-4ubuntu2.2"},{"binary_name":"libctf0","binary_version":"2.38-4ubuntu2.2"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-1972.json"}},{"package":{"name":"gdb","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/gdb@12.1-0ubuntu1~22.04.2?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"12.1-0ubuntu1~22.04.2"}]}],"versions":["11.1-0ubuntu2","11.1-0ubuntu3","11.2-0ubuntu1","12.0.50.20220217-0ubuntu1","12.0.90-0ubuntu1","12.1-0ubuntu1~22.04"],"ecosystem_specific":{"binaries":[{"binary_name":"gdb","binary_version":"12.1-0ubuntu1~22.04.2"},{"binary_name":"gdb-multiarch","binary_version":"12.1-0ubuntu1~22.04.2"},{"binary_name":"gdb-source","binary_version":"12.1-0ubuntu1~22.04.2"},{"binary_name":"gdbserver","binary_version":"12.1-0ubuntu1~22.04.2"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-1972.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}