CVE-2011-4355
EPSS 0.16%
Description
GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.
How to fix CVE-2011-4355
To remediate CVE-2011-4355, upgrade the affected package to a fixed version listed below.
- Debian/gdb: upgrade to 7.6-1 or later
Is CVE-2011-4355 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 7.6-1