oss-sec mailing list archives

CVE assigned for gdb: arbitrary code execution via .debug_gdb_scripts

From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 28 Nov 2011 09:53:37 -0700

This issue is now public.

gdb: arbitrary code execution via .debug_gdb_scripts

https://bugzilla.redhat.com/show_bug.cgi?id=703238

Vincent Danen 
It was discovered [1],[2] the the GNU Debugger (gdb) would load
untrusted files
from the current working directory when .debug_gdb_scripts was defined. 
While
this was a design decision, it is an insecure one and users who do not
pre-inspect untrusted files may execute arbitrary code with their
privileges.

[1] http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html
[2] http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html

This issue has been assigned CVE-2011-4355

-- 

-Kurt Seifried / Red Hat Security Response Team

Current thread:

CVE assigned for gdb: arbitrary code execution via .debug_gdb_scripts Kurt Seifried (Nov 28)