Package "gdb"

Name: gdb


This package is just an umbrella for a group of other packages; it has no description.
Description samples from packages in group:

  • GNU Debugger (with support for multiple architectures)
  • GNU Debugger (source)
  • GNU Debugger (remote server)

Latest version: 12.1-0ubuntu1~22.04.2
Release: jammy (22.04)
Level: security
Repository: universe


Other versions of "gdb" in Jammy

Repository  Area      Version
base        main      12.0.90-0ubuntu1
base        universe  12.0.90-0ubuntu1
security    main      12.1-0ubuntu1~22.04.2
updates     main      12.1-0ubuntu1~22.04.2
updates     universe  12.1-0ubuntu1~22.04.2

Packages in group



Version: 12.1-0ubuntu1~22.04.2 2024-06-20 08:07:13 UTC

  gdb (12.1-0ubuntu1~22.04.2) jammy-security; urgency=low

  * SECURITY UPDATE: illegal memory access
    - debian/patches/CVE-2022-4285.patch: Fix an illegal memory access
      when parsing an ELF file containing corrupt symbol version
    - CVE-2022-4285
  * SECURITY UPDATE: heap buffer overflow
    - debian/patches/CVE-2023-1972.patch: Fix an illegal memory access
      when accessing a zero-length verdef table.
    - CVE-2023-1972
  * SECURITY UPDATE: stack buffer overflow
    - debian/patches/CVE-2023-39128.patch: Avoid buffer overflow in
    - CVE-2023-39128
  * SECURITY UPDATE: use after free
    - debian/patches/CVE-2023-39129-1.patch: Verify COFF symbol
      stringtab offset
    - debian/patches/CVE-2023-39129-2.patch: Fix gdb/coffread.c build on
      32bit architectures
    - debian/patches/CVE-2023-39129-3.patch: Use hex_string in
      gdb/coffread.c instead of PRIxPTR
    - CVE-2023-39129
  * SECURITY UPDATE: heap buffer overflow
    - debian/patches/CVE-2023-39130.patch: gdb: warn unused result for
      bfd IO functions
    - CVE-2023-39130

 -- Bruce Cable <email address hidden> Thu, 13 Jun 2024 11:58:36 +1000

CVE-2022-4285 An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a de
CVE-2023-1972 A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.
CVE-2023-39128 GNU gdb (GDB) was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.
CVE-2023-39129 GNU gdb (GDB) was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.
CVE-2023-39130 GNU gdb (GDB) was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
