지락문화예술공작단

USN-3367-1: gdb vulnerabilities Ubuntu Security Notice USN-3367-1 26th July, 2017 gdb vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in gdb. Software description gdb – GNU Debugger Details Hanno Böck discovered that gdb incorrectly handled certain malformed AOUTheaders in PE executables. If a user or automated system were tricked intoprocessing a specially crafted binary, a remote attacker could use thisissue to cause gdb to crash, resulting in a denial of service, or possiblyexecute arbitrary code. This issue only applied to Ubuntu 14.04 LTS.(CVE-2014-8501) It was discovered that gdb incorrectly handled printing bad bytes in IntelHex objects. If a user or automated system were tricked into processing aspecially crafted binary, a remote attacker could use this issue to causegdb to crash, resulting in [ more… ]

USN-3368-1: libiberty vulnerabilities Ubuntu Security Notice USN-3368-1 26th July, 2017 libiberty vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in libiberty. Software description libiberty – library of utility functions used by GNU programs Details It was discovered that libiberty incorrectly handled certain stringoperations. If a user or automated system were tricked into processing aspecially crafted binary, a remote attacker could use this issue to causelibiberty to crash, resulting in a denial of service, or possibly executearbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu16.04 LTS. (CVE-2016-2226) It was discovered that libiberty incorrectly handled parsing certainbinaries. If a user or automated system were tricked into processing aspecially crafted binary, a remote attacker could use this issue to causelibiberty to crash, [ more… ]