{"id":"UBUNTU-CVE-2023-39129","details":"GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.","modified":"2026-01-30T00:33:42.051720Z","published":"2023-07-25T19:15:00Z","related":["USN-6842-1"],"upstream":["CVE-2023-39129"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-39129"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2023-39129"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6842-1"}],"affected":[{"package":{"name":"gdb","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/gdb@7.11.1-0ubuntu1~16.5+esm1?arch=source&distro=esm-infra/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.11.1-0ubuntu1~16.5+esm1"}]}],"versions":["7.10-1ubuntu2","7.10-1ubuntu3","7.10.1-0ubuntu1","7.10.90.20160215-0ubuntu2","7.10.90.20160220-0ubuntu1","7.11-0ubuntu1","7.11.1-0ubuntu1~16.04","7.11.1-0ubuntu1~16.5"],"ecosystem_specific":{"binaries":[{"binary_name":"gdb","binary_version":"7.11.1-0ubuntu1~16.5+esm1"},{"binary_name":"gdb-multiarch","binary_version":"7.11.1-0ubuntu1~16.5+esm1"},{"binary_name":"gdb-source","binary_version":"7.11.1-0ubuntu1~16.5+esm1"},{"binary_name":"gdb64","binary_version":"7.11.1-0ubuntu1~16.5+esm1"},{"binary_name":"gdbserver","binary_version":"7.11.1-0ubuntu1~16.5+esm1"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro","priority_reason":"Crash in a command line tool, negligible security impact"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-39129.json"}},{"package":{"name":"gdb","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/gdb@8.1.1-0ubuntu1+esm1?arch=source&distro=esm-infra/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1.1-0ubuntu1+esm1"}]}],"versions":["8.0.1-0ubuntu1","8.0.1-0ubuntu2","8.0.1-0ubuntu3","8.1-0ubuntu1","8.1-0ubuntu2","8.1-0ubuntu3","8.1-0ubuntu3.1","8.1-0ubuntu3.2","8.1.1-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"gdb","binary_version":"8.1.1-0ubuntu1+esm1"},{"binary_name":"gdb-multiarch","binary_version":"8.1.1-0ubuntu1+esm1"},{"binary_name":"gdb-source","binary_version":"8.1.1-0ubuntu1+esm1"},{"binary_name":"gdbserver","binary_version":"8.1.1-0ubuntu1+esm1"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro","priority_reason":"Crash in a command line tool, negligible security impact"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-39129.json"}},{"package":{"name":"gdb","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/gdb@9.2-0ubuntu1~20.04.2?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.2-0ubuntu1~20.04.2"}]}],"versions":["8.3-0ubuntu1","9.0.50.20191019-0ubuntu1","9.0.50.20191119-0ubuntu1","9.0.90.20191216-0ubuntu1","9.0.90.20200105-0ubuntu1","9.0.90.20200117-0ubuntu1","9.1-0ubuntu1","9.2-0ubuntu1~20.04","9.2-0ubuntu1~20.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"gdb","binary_version":"9.2-0ubuntu1~20.04.2"},{"binary_name":"gdb-multiarch","binary_version":"9.2-0ubuntu1~20.04.2"},{"binary_name":"gdb-source","binary_version":"9.2-0ubuntu1~20.04.2"},{"binary_name":"gdbserver","binary_version":"9.2-0ubuntu1~20.04.2"}],"availability":"No subscription required","priority_reason":"Crash in a command line tool, negligible security impact"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-39129.json"}},{"package":{"name":"gdb","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/gdb@12.1-0ubuntu1~22.04.2?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"12.1-0ubuntu1~22.04.2"}]}],"versions":["11.1-0ubuntu2","11.1-0ubuntu3","11.2-0ubuntu1","12.0.50.20220217-0ubuntu1","12.0.90-0ubuntu1","12.1-0ubuntu1~22.04"],"ecosystem_specific":{"binaries":[{"binary_name":"gdb","binary_version":"12.1-0ubuntu1~22.04.2"},{"binary_name":"gdb-multiarch","binary_version":"12.1-0ubuntu1~22.04.2"},{"binary_name":"gdb-source","binary_version":"12.1-0ubuntu1~22.04.2"},{"binary_name":"gdbserver","binary_version":"12.1-0ubuntu1~22.04.2"}],"availability":"No subscription required","priority_reason":"Crash in a command line tool, negligible security impact"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-39129.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}