vendor:
gdb
by:
nitr0us
7,5
CVSS
HIGH
NULL Pointer Dereference
476
CWE
Product Name: gdb
Affected Version From: 7.5
Affected Version To: 7.5.1
Patch Exists: YES
Related CWE: N/A
CPE: a:gnu:gdb
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: OpenBSD 5.2 i386, Ubuntu Server 12.04, CentOS Linux, Gentoo Linux
2012
gdb (GNU debugger) <= 7.5.1 (crash due a NULL pointer dereference)
In gdb-7.5.1/gdb/dwarf2read.c is the following data structure: struct line_header {... unsigned int num_include_dirs, include_dirs_size; char **include_dirs;... struct file_entry { char *name; unsigned int dir_index; unsigned int mod_time; unsigned int length;... } *file_names; } The problem exists when trying to open a malformed ELF that contains a file_entry.dir_index > 0 and char **include_dirs pointing to NULL.
Mitigation:
Update to the latest version of gdb.
