GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB.

Published : 2017-06-21 07:29 Updated : 2019-10-03 00:03

CVSS Score More info
Score 4.3 / 10
Vendor Product Version URI
Gnu Gdb 8.0 cpe:/a:gnu:gdb:8.0
  1. Gnu (1) Search CVE
    1. Gdb (1) Search CVE
      1. 8.0


ID Name Description Links
CWE-20 Improper Input Validation The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. CVE
CWE-770 Allocation of Resources Without Limits or Throttling The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on how many resources can be allocated, in violation of the intended security policy for that actor. CVE

History of changes

Date Event
2019-10-03 00:03
2017-06-29 20:29
2017-06-27 05:28
2017-06-21 07:29