Bug 392349 (CVE-2011-4355) - <sys-devel/gdb-7.5: Loads untrusted files with possible arbitrary code execution (CVE-2011-4355)
Status: RESOLVED FIXED
Alias: CVE-2011-4355
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B2 [noglsa]
Reported: 2011-11-29 04:33 UTC by Michael Harrison
Modified: 2015-12-31 04:35 UTC
Description Michael Harrison 2011-11-29 04:33:43 UTC
It was discovered [1],[2] that the GNU Debugger (gdb) would load untrusted files
from the current working directory when .debug_gdb_scripts was defined.  While
this was a design decision, it is an insecure one and users who do not
pre-inspect untrusted files may execute arbitrary code with their privileges.

References:
http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html
http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html
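
The description above points at users who do not pre-inspect untrusted files. As an added example (not part of the bug report and not GDB code), this Python sketch lists the entries of a `.debug_gdb_scripts` section in an ELF64 little-endian file before it is opened in gdb. It assumes the entry layout given in the GDB manual (one type byte, then a NUL-terminated name); `build_sample` and its script name are constructed for the demonstration.

```python
import struct

SECTION = b".debug_gdb_scripts"

def sections(elf):
    """Yield (name, contents) for each section; malformed input raises."""
    if elf[:4] != b"\x7fELF" or elf[4:6] != b"\x02\x01":
        raise ValueError("example handles ELF64 little-endian only")
    (shoff,) = struct.unpack_from("<Q", elf, 0x28)
    shentsize, shnum, shstrndx = struct.unpack_from("<HHH", elf, 0x3A)
    # Per header keep sh_name, sh_type, sh_flags, sh_addr, sh_offset, sh_size.
    hdrs = [struct.unpack_from("<IIQQQQ", elf, shoff + i * shentsize)
            for i in range(shnum)]
    str_off, str_size = hdrs[shstrndx][4:6]
    strtab = elf[str_off:str_off + str_size]
    for name_off, _, _, _, off, size in hdrs:
        yield strtab[name_off:strtab.index(b"\0", name_off)], elf[off:off + size]

def gdb_script_entries(elf):
    """Return [(type_byte, name)] for every .debug_gdb_scripts entry."""
    found = []
    for name, data in sections(elf):
        if name != SECTION:
            continue
        # Assumed layout (GDB manual): type byte (1 = Python file), NUL-terminated name.
        for entry in data.split(b"\0"):
            if entry:
                found.append((entry[0], entry[1:].decode("utf-8", "replace")))
    return found

def build_sample(script=b"constructed-script.py"):
    """Constructed minimal ELF64 object: null section, scripts section, .shstrtab."""
    names = b"\0.debug_gdb_scripts\0.shstrtab\0"
    body = b"\x01" + script + b"\0"
    str_off = 64 + len(body)
    shoff = str_off + len(names)
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 1, 62, 1, 0, 0, shoff, 0, 64, 0, 0, 64, 3, 2)
    def sh(name, kind, off, size):
        return struct.pack("<IIQQQQIIQQ", name, kind, 0, 0, off, size, 0, 0, 1, 0)
    return (ehdr + body + names + sh(0, 0, 0, 0)
            + sh(1, 1, 64, len(body)) + sh(20, 3, str_off, len(names)))

if __name__ == "__main__":
    for kind, name in gdb_script_entries(build_sample()):
        print(f"type {kind}: {name}")
```

An empty result means the file has no such section; any listed name is a file an affected gdb would look for and should be reviewed before debugging.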
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2013-03-06 23:34:22 UTC
CVE-2011-4355 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4355):
  GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined,
  automatically loads certain files from the current working directory, which
  allows local users to gain privileges via crafted files such as Python
  scripts.
Comment 2 Kristian Fiskerstrand (RETIRED) gentoo-dev 2014-08-28 20:15:04 UTC
According to CVE this is fixed in 7.5. That has already been stabilized

@maintainers: Please clean up vulnerable versions
Comment 3 Yury German Gentoo Infrastructure gentoo-dev 2014-11-23 03:04:16 UTC
Maintainer(s), please drop the vulnerable version(s).
Comment 4 Yury German Gentoo Infrastructure gentoo-dev 2014-12-12 17:35:30 UTC
Maintainer(s): Please drop affected versions, security will remove or mask in 30 days if no response.
Comment 5 Manuel Rüger (RETIRED) gentoo-dev 2015-08-28 00:02:37 UTC
Vulnerable versions have been removed.

Security, please vote.
Comment 6 Stefan Behte (RETIRED) gentoo-dev Security 2015-11-09 21:48:25 UTC
Vote: no.
Comment 7 Yury German Gentoo Infrastructure gentoo-dev 2015-12-31 04:34:06 UTC
GLSA Vote: No
Thank you all. Closing as noglsa.