CVE-2006-4146

Description

Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.

How to fix CVE-2006-4146

To remediate CVE-2006-4146, upgrade the affected package to a fixed version below.

• Debian/gdb—upgrade to 7.3-1 or later

Is CVE-2006-4146 being exploited?

Low — EPSS is 1.3%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 7.3-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2006-4146