NS-SA-2025-0165

简介

moderate: gdb security update

严重级别

moderate

主题

An update for gdb is now available for NewStart CGSL MAIN 7.02.
NewStart Security has rated this update as having a security impact of moderate. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

详细描述

gdb:


Security Fix(es):
gdb: GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.(CVE-2023-39129)
gdb: GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.(CVE-2023-39130)
gdb: GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.(CVE-2023-39128)
gdb: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 7.02.03B8.

影响组件

• gdb

影响产品

• CGSL MAIN 7.02

更新包

CVE

• CVE-2023-39129
• CVE-2023-39130
• CVE-2023-39128

参考

• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39129
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39130
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39128