Skip to navigation

Security Advisory Moderate: gdb security and bug fix update

Advisory: RHSA-2013:0522-2
Type: Security Advisory
Severity: Moderate
Issued on: 2013-02-21
Last updated on: 2013-02-21
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2011-4355

Details

Updated gdb packages that fix one security issue and three bugs are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

The GNU Debugger (GDB) allows debugging of programs written in C, C++,
Java, and other languages by executing them in a controlled fashion and
then printing out their data.

GDB tried to auto-load certain files (such as GDB scripts, Python scripts,
and a thread debugging library) from the current working directory when
debugging programs. This could result in the execution of arbitrary code
with the user's privileges when GDB was run in a directory that has
untrusted content. (CVE-2011-4355)

With this update, GDB no longer auto-loads files from the current directory
and only trusts certain system directories by default. The list of trusted
directories can be viewed and modified using the "show auto-load safe-path"
and "set auto-load safe-path" GDB commands. Refer to the GDB manual, linked
to in the References, for further information.

This update also fixes the following bugs:

* When a struct member was at an offset greater than 256 MB, the resulting
bit position within the struct overflowed and caused an invalid memory
access by GDB. With this update, the code has been modified to ensure that
GDB can access such positions. (BZ#795424)

* When a thread list of the core file became corrupted, GDB did not print
this list but displayed the "Cannot find new threads: generic error" error
message instead. With this update, GDB has been modified and it now prints
the thread list of the core file as expected. (BZ#811648)

* GDB did not properly handle debugging of multiple binaries with the
same build ID. This update modifies GDB to use symbolic links created for
particular binaries so that debugging of binaries that share a build ID
now proceeds as expected. Debugging of live programs and core files is
now more user-friendly. (BZ#836966)

All users of gdb are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
gdb-7.2-60.el6.src.rpm
File outdated by:  RHBA-2013:0811
    MD5: fc930cc14c7ae74f40cbd84c17e1d440
SHA-256: ad77f760c4849e0a7686a43bfccba0ba9d7292ecfe9be1aa278707fe1a63cf21
 
IA-32:
gdb-7.2-60.el6.i686.rpm
File outdated by:  RHBA-2013:0811
    MD5: 7be4be0732d3c4d21a621a1f31780ae1
SHA-256: 87e10fb13df443318bbd1c895a068bfe64cb419e3fa699900275cdbd6f11d972
gdb-debuginfo-7.2-60.el6.i686.rpm
File outdated by:  RHBA-2013:0811
    MD5: beb94506b62084a2c2b972f1f6bdb1a0
SHA-256: 823cb9a9869ed82ed2fa066660c816813834d280dd54e774f5e2365926701516
gdb-gdbserver-7.2-60.el6.i686.rpm
File outdated by:  RHBA-2013:0811
    MD5: 495ac2bca7fada5629bf563bb79d49cb
SHA-256: bcfbe8763949c1c1b0c57db02ef0ded1a7da8ab65537ced68af95d07de547922
 
x86_64:
gdb-7.2-60.el6.x86_64.rpm
File outdated by:  RHBA-2013:0811
    MD5: ec66afbc0227eee1cbfba42812971f5c
SHA-256: d847960b415a9095d135dae3207a749b82ee5dd208fde784ec6a09635428d99e
gdb-debuginfo-7.2-60.el6.x86_64.rpm
File outdated by:  RHBA-2013:0811
    MD5: 32102b5931b8228a32418f96f089b4f6
SHA-256: fad0d03a9a40dd30036eeb4c2d90fe9c498c9da559ca19ddfec47c2b48e8d1ea
gdb-gdbserver-7.2-60.el6.x86_64.rpm
File outdated by:  RHBA-2013:0811
    MD5: 38b913fad58713c8b47a978ebe4e7a9c
SHA-256: e0de59dc2f73ef5f6cc318cdee200e5efd2dbe8bdfba81a97dea5dab24d4cc1e
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
gdb-7.2-60.el6.src.rpm
File outdated by:  RHBA-2013:0811
    MD5: fc930cc14c7ae74f40cbd84c17e1d440
SHA-256: ad77f760c4849e0a7686a43bfccba0ba9d7292ecfe9be1aa278707fe1a63cf21
 
x86_64:
gdb-7.2-60.el6.x86_64.rpm
File outdated by:  RHBA-2013:0811
    MD5: ec66afbc0227eee1cbfba42812971f5c
SHA-256: d847960b415a9095d135dae3207a749b82ee5dd208fde784ec6a09635428d99e
gdb-debuginfo-7.2-60.el6.x86_64.rpm
File outdated by:  RHBA-2013:0811
    MD5: 32102b5931b8228a32418f96f089b4f6
SHA-256: fad0d03a9a40dd30036eeb4c2d90fe9c498c9da559ca19ddfec47c2b48e8d1ea
gdb-gdbserver-7.2-60.el6.x86_64.rpm
File outdated by:  RHBA-2013:0811
    MD5: 38b913fad58713c8b47a978ebe4e7a9c
SHA-256: e0de59dc2f73ef5f6cc318cdee200e5efd2dbe8bdfba81a97dea5dab24d4cc1e
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
gdb-7.2-60.el6.src.rpm
File outdated by:  RHBA-2013:0811
    MD5: fc930cc14c7ae74f40cbd84c17e1d440
SHA-256: ad77f760c4849e0a7686a43bfccba0ba9d7292ecfe9be1aa278707fe1a63cf21
 
IA-32:
gdb-7.2-60.el6.i686.rpm
File outdated by:  RHBA-2013:0811
    MD5: 7be4be0732d3c4d21a621a1f31780ae1
SHA-256: 87e10fb13df443318bbd1c895a068bfe64cb419e3fa699900275cdbd6f11d972
gdb-debuginfo-7.2-60.el6.i686.rpm
File outdated by:  RHBA-2013:0811
    MD5: beb94506b62084a2c2b972f1f6bdb1a0
SHA-256: 823cb9a9869ed82ed2fa066660c816813834d280dd54e774f5e2365926701516
gdb-gdbserver-7.2-60.el6.i686.rpm
File outdated by:  RHBA-2013:0811
    MD5: 495ac2bca7fada5629bf563bb79d49cb
SHA-256: bcfbe8763949c1c1b0c57db02ef0ded1a7da8ab65537ced68af95d07de547922
 
PPC:
gdb-7.2-60.el6.ppc64.rpm
File outdated by:  RHBA-2013:0811
    MD5: 6c79d817bd9a61515bb9b332d6bc6ba4
SHA-256: c4cf23f05605734ff6bf0489e0ca243056cdc0fd9b3627c594e2e51a42d33b02
gdb-debuginfo-7.2-60.el6.ppc64.rpm
File outdated by:  RHBA-2013:0811
    MD5: 2191f8df7b82a53f2abe1791e8cacdaa
SHA-256: ee18848b4ab027712f0471fcdb36220d6e4d574789e0c9a84fe801462e63ed3c
gdb-gdbserver-7.2-60.el6.ppc64.rpm
File outdated by:  RHBA-2013:0811
    MD5: 8bbbc276d129cfc33b3e6ae7c84f3e60
SHA-256: c387451d9c11e30842eb5075b8d7e8ef1ad0126b33a9cb180afb3636d148296d
 
s390x:
gdb-7.2-60.el6.s390x.rpm
File outdated by:  RHBA-2013:0811
    MD5: e8c625db85c287746986d7805996f616
SHA-256: b014f89207f867547b414eab6fa8bb26185e1583a2f2506f584cbcd861143a6d
gdb-debuginfo-7.2-60.el6.s390x.rpm
File outdated by:  RHBA-2013:0811
    MD5: e0e88570b6bdc40babe9c96b0d4cb7e4
SHA-256: 8d8ba13df2a25433328723031031c84b4e344250105ee0a23bd69eaa9c0e69b6
gdb-gdbserver-7.2-60.el6.s390x.rpm
File outdated by:  RHBA-2013:0811
    MD5: 0c25ff2f059b342672f01989878460ce
SHA-256: f9e872ace2a8aad959fe6d38d2981c22c2ab335add793e5cd41ebecc820593af
 
x86_64:
gdb-7.2-60.el6.x86_64.rpm
File outdated by:  RHBA-2013:0811
    MD5: ec66afbc0227eee1cbfba42812971f5c
SHA-256: d847960b415a9095d135dae3207a749b82ee5dd208fde784ec6a09635428d99e
gdb-debuginfo-7.2-60.el6.x86_64.rpm
File outdated by:  RHBA-2013:0811
    MD5: 32102b5931b8228a32418f96f089b4f6
SHA-256: fad0d03a9a40dd30036eeb4c2d90fe9c498c9da559ca19ddfec47c2b48e8d1ea
gdb-gdbserver-7.2-60.el6.x86_64.rpm
File outdated by:  RHBA-2013:0811
    MD5: 38b913fad58713c8b47a978ebe4e7a9c
SHA-256: e0de59dc2f73ef5f6cc318cdee200e5efd2dbe8bdfba81a97dea5dab24d4cc1e
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
gdb-7.2-60.el6.src.rpm
File outdated by:  RHBA-2013:0811
    MD5: fc930cc14c7ae74f40cbd84c17e1d440
SHA-256: ad77f760c4849e0a7686a43bfccba0ba9d7292ecfe9be1aa278707fe1a63cf21
 
IA-32:
gdb-7.2-60.el6.i686.rpm
File outdated by:  RHBA-2013:0811
    MD5: 7be4be0732d3c4d21a621a1f31780ae1
SHA-256: 87e10fb13df443318bbd1c895a068bfe64cb419e3fa699900275cdbd6f11d972
gdb-debuginfo-7.2-60.el6.i686.rpm
File outdated by:  RHBA-2013:0811
    MD5: beb94506b62084a2c2b972f1f6bdb1a0
SHA-256: 823cb9a9869ed82ed2fa066660c816813834d280dd54e774f5e2365926701516
gdb-gdbserver-7.2-60.el6.i686.rpm
File outdated by:  RHBA-2013:0811
    MD5: 495ac2bca7fada5629bf563bb79d49cb
SHA-256: bcfbe8763949c1c1b0c57db02ef0ded1a7da8ab65537ced68af95d07de547922
 
x86_64:
gdb-7.2-60.el6.x86_64.rpm
File outdated by:  RHBA-2013:0811
    MD5: ec66afbc0227eee1cbfba42812971f5c
SHA-256: d847960b415a9095d135dae3207a749b82ee5dd208fde784ec6a09635428d99e
gdb-debuginfo-7.2-60.el6.x86_64.rpm
File outdated by:  RHBA-2013:0811
    MD5: 32102b5931b8228a32418f96f089b4f6
SHA-256: fad0d03a9a40dd30036eeb4c2d90fe9c498c9da559ca19ddfec47c2b48e8d1ea
gdb-gdbserver-7.2-60.el6.x86_64.rpm
File outdated by:  RHBA-2013:0811
    MD5: 38b913fad58713c8b47a978ebe4e7a9c
SHA-256: e0de59dc2f73ef5f6cc318cdee200e5efd2dbe8bdfba81a97dea5dab24d4cc1e
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

703238 - CVE-2011-4355 gdb: object file .debug_gdb_scripts section improper input validation
811648 - Cannot find new threads: generic error
836966 - Backport gdb fix to handle identical binaries via additional build-id symlinks


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/