CVE-2019-1010180 — HIGH (7.8)

Q: How severe is CVE-2019-1010180?

CVE-2019-1010180 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-1010180?

Check the references section above for vendor advisories and patch information. Affected products include: Gnu Gdb, Opensuse Leap.

Vulnerability Description

GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Gnu	Gdb	< 9.1
Opensuse	Leap	15.0

Related Weaknesses (CWE)

CWE-125

References

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.htmlMailing ListThird Party Advisory
http://www.securityfocus.com/bid/109367Third Party AdvisoryVDB Entry
https://security.gentoo.org/glsa/202003-31Third Party Advisory
https://sourceware.org/bugzilla/show_bug.cgi?id=23657ExploitIssue TrackingPatch
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.htmlMailing ListThird Party Advisory
http://www.securityfocus.com/bid/109367Third Party AdvisoryVDB Entry
https://security.gentoo.org/glsa/202003-31Third Party Advisory
https://sourceware.org/bugzilla/show_bug.cgi?id=23657ExploitIssue TrackingPatch

FAQ

What is CVE-2019-1010180?

CVE-2019-1010180 is a vulnerability with a CVSS score of 7.8 (HIGH). GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module...

How severe is CVE-2019-1010180?

CVE-2019-1010180 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-1010180?

Check the references section above for vendor advisories and patch information. Affected products include: Gnu Gdb, Opensuse Leap.