
A security update for GDB has been issued for SUSE Linux:

SUSE-SU-2024:4414-1: moderate: Security update for gdb






# Security update for gdb

Announcement ID: SUSE-SU-2024:4414-1
Release Date: 2024-12-23T19:43:48Z
Rating: moderate
References:

* bsc#1220490
* jsc#PED-10258
* jsc#PED-10751

Cross-References:

* CVE-2022-4806

CVSS scores:

* CVE-2022-4806 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2022-4806 ( NVD ): 8.2 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Affected Products:

* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and contains two features can now be
installed.

## Description:

This update for gdb fixes the following issues:

Mention changes in GDB 14:

* GDB now supports the AArch64 Scalable Matrix Extension 2 (SME2), which
includes a new 512 bit lookup table register named ZT0.
* GDB now supports the AArch64 Scalable Matrix Extension (SME), which includes
a new matrix register named ZA, a new thread register TPIDR2 and a new
vector length register SVG (streaming vector granule). GDB also supports
tracking ZA state across signal frames. Some features are still under
development or are dependent on ABI specs that are still in alpha stage. For
example, manual function calls with ZA state don't have any special
handling, and tracking of SVG changes based on DWARF information is still
not implemented, but there are plans to do so in the future.
* GDB now recognizes the NO_COLOR environment variable and disables styling
according to the spec. See https://no-color.org/. Styling can be re-enabled
with "set style enabled on".
* The AArch64 'org.gnu.gdb.aarch64.pauth' Pointer Authentication feature
string has been deprecated in favor of the 'org.gnu.gdb.aarch64.pauth_v2'
feature string.
* GDB now has some support for integer types larger than 64 bits.
* Multi-target feature configuration. GDB now supports the individual
configuration of remote targets' feature sets. Based on the current
selection of a target, the commands 'set remote <name>-packet (on|off|auto)'
and 'show remote <name>-packet' can be used to configure a target's feature
packet and to display its configuration, respectively.
* GDB has initial built-in support for the Debugger Adapter Protocol.
* For the break command, multiple uses of the 'thread' or 'task' keywords will
now give an error instead of just using the thread or task id from the last
instance of the keyword. E.g.: break foo thread 1 thread 2 will now give an
error rather than using 'thread 2'.
* For the watch command, multiple uses of the 'task' keyword will now give an
error instead of just using the task id from the last instance of the
keyword. E.g.: watch my_var task 1 task 2 will now give an error rather than
using 'task 2'. The 'thread' keyword already gave an error when used
multiple times with the watch command, this remains unchanged.
* The 'set print elements' setting now helps when printing large arrays. If an
array would otherwise exceed max-value-size, but 'print elements' is set
such that the size of elements to print is less than or equal to
'max-value-size', GDB will now still print the array, however only
'max-value-size' worth of data will be added into the value history.
* For both the break and watch commands, it is now invalid to use both the
'thread' and 'task' keywords within the same command. For example, the
following commands will now give an error:

      break foo thread 1 task 1
      watch var thread 2 task 3
* The printf command now accepts a '%V' output format which will format an
expression just as the 'print' command would. Print options can be placed
within '[...]' after the '%V' to modify how the value is printed. E.g.:

      printf "%V", some_array
      printf "%V[-array-indexes on]", some_array

  will print the array without, or with array indexes included, just as the
  array would be printed by the 'print' command. This functionality is also
  available for dprintf when dprintf-style is 'gdb'.
* When the printf command requires a string to be fetched from the inferior,
GDB now uses the existing 'max-value-size' setting to limit the memory
allocated within GDB. The default 'max-value-size' is 64k. To print longer
strings you should increase 'max-value-size'.
* The Ada 2022 Enum_Rep and Enum_Val attributes are now supported.
* The Ada 2022 target name symbol ('@') is now supported by the Ada expression
parser.
* The 'list' command now accepts '.' as an argument, which tells GDB to print
the location around the point of execution within the current frame. If the
inferior hasn't started yet, the command will print around the beginning of
the 'main' function.
* Using the 'list' command with no arguments in a situation where the command
would attempt to list past the end of the file now warns the user that the
end of file has been reached, and refers the user to the newly added '.'
argument.
* Breakpoints can now be inferior-specific. This is similar to the existing
thread-specific breakpoint support. Breakpoint conditions can include the
'inferior' keyword followed by an inferior id (as displayed in the 'info
inferiors' output). It is invalid to use the 'inferior' keyword with either
the 'thread' or 'task' keywords when creating a breakpoint.
* New convenience function "$_shell", to execute a shell command and return
the result. This lets you run shell commands in expressions. Some examples:

      (gdb) p $_shell("true")
      $1 = 0
      (gdb) p $_shell("false")
      $2 = 1
      (gdb) break func if $_shell("some command") == 0
* New commands:

* set debug breakpoint on|off, show debug breakpoint: Print additional debug
messages about breakpoint insertion and removal.

* maintenance print record-instruction [ N ]: Print the recorded information
for a given instruction. If N is not given, prints how GDB would undo the
last instruction executed. If N is negative, prints how GDB would undo the
N-th previous instruction, and if N is positive, it prints how GDB will redo
the N-th following instruction.
* maintenance info frame-unwinders: List the frame unwinders currently in
effect, starting with the highest priority.
* maintenance wait-for-index-cache: Wait until all pending writes to the index
cache have completed.
* set always-read-ctf on|off, show always-read-ctf: When off, CTF is only read
if DWARF is not present. When on, CTF is read regardless of whether DWARF is
present. Off by default.
* info main: Get main symbol to identify entry point into program.
* set tui mouse-events [on|off], show tui mouse-events: When on (default), mouse
clicks control the TUI and can be accessed by Python extensions. When off,
mouse clicks are handled by the terminal, enabling terminal-native text
selection.

* MI changes:

* MI version 1 has been removed.

* mi now reports 'no-history' as a stop reason when hitting the end of the
reverse execution history.
* When creating a thread-specific breakpoint using the '-p' option, the
-break-insert command would report the 'thread' field twice in the reply.
The content of both fields was always identical. This has now been fixed;
the 'thread' field will be reported just once for thread-specific
breakpoints, or not at all for breakpoints without a thread restriction. The
same is also true for the 'task' field of an Ada task-specific breakpoint.
* It is no longer possible to create a thread-specific breakpoint for a thread
that doesn't exist using '-break-insert -p ID'. Creating breakpoints for
non-existent threads is not allowed when using the CLI; that the MI allowed
it was a long-standing bug, which has now been fixed.
* The '--simple-values' argument to the '-stack-list-arguments',
'-stack-list-locals', '-stack-list-variables', and '-var-list-children'
commands now takes reference types into account: that is, a value is now
considered simple if it is neither an array, structure, or union, nor a
reference to an array, structure, or union. (Previously all references were
considered simple.) Support for this feature can be verified by using the
'-list-features' command, which should contain "simple-values-ref-types".
* The -break-insert command now accepts a '-g thread-group-id' option to allow
for the creation of inferior-specific breakpoints.
* The bkpt tuple, which appears in breakpoint-created notifications, and in
the result of the -break-insert command can now include an optional
'inferior' field for both the main breakpoint, and each location, when the
breakpoint is inferior-specific.

* Python API:

* gdb.ThreadExitedEvent added. Emits a ThreadEvent.

* The gdb.unwinder.Unwinder.name attribute is now read-only.
* The name argument passed to gdb.unwinder.Unwinder.__init__ must now be of
type 'str' otherwise a TypeError will be raised.
* The gdb.unwinder.Unwinder.enabled attribute can now only accept values of
type 'bool'. Changing this attribute will now invalidate GDB's frame-cache,
which means GDB will need to rebuild its frame-cache when next required -
either with, or without the particular unwinder, depending on how 'enabled'
was changed.
* New methods added to the gdb.PendingFrame class. These methods have the same
behaviour as the corresponding methods on gdb.Frame. The new methods are:
* gdb.PendingFrame.name: Return the name for the frame's function, or None.
* gdb.PendingFrame.is_valid: Return True if the pending frame object is valid.
* gdb.PendingFrame.pc: Return the $pc register value for this frame.
* gdb.PendingFrame.language: Return a string containing the language for this frame, or None.
* gdb.PendingFrame.find_sal: Return a gdb.Symtab_and_line object for the current location within the pending frame, or None.
* gdb.PendingFrame.block: Return a gdb.Block for the current pending frame, or None.
* gdb.PendingFrame.function: Return a gdb.Symbol for the current pending frame, or None.
* The frame-id passed to gdb.PendingFrame.create_unwind_info can now use
either an integer or a gdb.Value object for each of its 'sp', 'pc', and
'special' attributes.
* A new class gdb.unwinder.FrameId has been added. Instances of this class are
constructed with 'sp' (stack-pointer) and 'pc' (program-counter) values, and
can be used as the frame-id when calling
gdb.PendingFrame.create_unwind_info.
* It is now no longer possible to sub-class the
gdb.disassembler.DisassemblerResult type.
* The Disassembler API from the gdb.disassembler module has been extended to
include styling support:
* The DisassemblerResult class can now be initialized with a list of parts. Each part represents part of the disassembled instruction along with the associated style information. This list of parts can be accessed with the new DisassemblerResult.parts property.
* New constants gdb.disassembler.STYLE_* representing all the different styles part of an instruction might have.
* New methods DisassembleInfo.text_part and DisassembleInfo.address_part which are used to create the new styled parts of a disassembled instruction.
* Changes are backwards compatible; the older API can still be used to disassemble instructions without styling.
* New function gdb.execute_mi(COMMAND, [ARG]...), that invokes a GDB/MI
command and returns the output as a Python dictionary.
* New function gdb.block_signals(). This returns a context manager that blocks
any signals that GDB needs to handle itself.
* New class gdb.Thread. This is a subclass of threading.Thread that calls
gdb.block_signals in its "start" method.
* gdb.parse_and_eval now has a new "global_context" parameter. This can be
used to request that the parse only examine global symbols.
* gdb.Inferior now has a new "arguments" attribute. This holds the command-
line arguments to the inferior, if known.
* gdb.Inferior now has a new "main_name" attribute. This holds the name of the
inferior's "main", if known.
* gdb.Inferior now has new methods "clear_env", "set_env", and "unset_env".
These can be used to modify the inferior's environment before it is started.
* gdb.Value now has the 'assign' method.
* gdb.Value now has the 'to_array' method. This converts an array-like Value
to an array.
* gdb.Progspace now has the new method "objfile_for_address". This returns the
gdb.Objfile, if any, that covers a given address.
* gdb.Breakpoint now has an "inferior" attribute. If the Breakpoint object is
inferior specific then this attribute holds the inferior-id (an integer). If
the Breakpoint object is not inferior specific, then this field contains
None. This field can be written too.
* gdb.Type now has the "is_array_like" and "is_string_like" methods. These
reflect GDB's internal idea of whether a type might be array- or string-
like, even if they do not have the corresponding type code.
* gdb.ValuePrinter is a new class that can be used as the base class for the
result of applying a pretty-printer. As a base class, it signals to gdb that
the printer may implement new pretty-printer methods.
* New attribute Progspace.symbol_file. This attribute holds the gdb.Objfile
that corresponds to Progspace.filename (when Progspace.filename is not
None), otherwise, this attribute is itself None.
* New attribute Progspace.executable_filename. This attribute holds a string
containing a file name set by the "exec-file" or "file" commands, or None if
no executable file is set. This isn't the exact string passed by the user to
these commands; the file name will have been partially resolved to an
absolute file name.
* A new executable_changed event registry is available. This event emits
ExecutableChangedEvent objects, which have 'progspace' (a gdb.Progspace) and
'reload' (a Boolean) attributes. This event is emitted when
gdb.Progspace.executable_filename changes.
* New event registries gdb.events.new_progspace and gdb.events.free_progspace,
these emit NewProgspaceEvent and FreeProgspaceEvent event types
respectively. Both of these event types have a single 'progspace' attribute,
which is the gdb.Progspace that is either being added to GDB, or removed
from GDB.
* gdb.LazyString now implements the __str__ method.
* New method gdb.Frame.static_link that returns the outer frame of a nested
function frame.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-4414=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4414=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4414=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-4414=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4414=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4414=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4414=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4414=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4414=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4414=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* gdb-debugsource-14.2-150400.15.20.1
* gdb-debuginfo-14.2-150400.15.20.1
* gdbserver-14.2-150400.15.20.1
* gdb-14.2-150400.15.20.1
* gdbserver-debuginfo-14.2-150400.15.20.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586 nosrc)
* gdb-testresults-14.2-150400.15.20.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* gdbserver-64bit-14.2-150400.15.20.1
* gdb-64bit-debuginfo-14.2-150400.15.20.1
* gdbserver-64bit-debuginfo-14.2-150400.15.20.1
* gdb-64bit-14.2-150400.15.20.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* gdb-debugsource-14.2-150400.15.20.1
* gdb-debuginfo-14.2-150400.15.20.1
* gdbserver-14.2-150400.15.20.1
* gdb-14.2-150400.15.20.1
* gdbserver-debuginfo-14.2-150400.15.20.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc)
* gdb-testresults-14.2-150400.15.20.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* gdb-debugsource-14.2-150400.15.20.1
* gdb-debuginfo-14.2-150400.15.20.1
* gdbserver-14.2-150400.15.20.1
* gdb-14.2-150400.15.20.1
* gdbserver-debuginfo-14.2-150400.15.20.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc)
* gdb-testresults-14.2-150400.15.20.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* gdb-debugsource-14.2-150400.15.20.1
* gdb-debuginfo-14.2-150400.15.20.1
* gdbserver-14.2-150400.15.20.1
* gdb-14.2-150400.15.20.1
* gdbserver-debuginfo-14.2-150400.15.20.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* gdb-debugsource-14.2-150400.15.20.1
* gdb-debuginfo-14.2-150400.15.20.1
* gdbserver-14.2-150400.15.20.1
* gdb-14.2-150400.15.20.1
* gdbserver-debuginfo-14.2-150400.15.20.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* gdb-debugsource-14.2-150400.15.20.1
* gdb-debuginfo-14.2-150400.15.20.1
* gdbserver-14.2-150400.15.20.1
* gdb-14.2-150400.15.20.1
* gdbserver-debuginfo-14.2-150400.15.20.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* gdb-debugsource-14.2-150400.15.20.1
* gdb-debuginfo-14.2-150400.15.20.1
* gdbserver-14.2-150400.15.20.1
* gdb-14.2-150400.15.20.1
* gdbserver-debuginfo-14.2-150400.15.20.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64)
* gdb-debugsource-14.2-150400.15.20.1
* gdb-debuginfo-14.2-150400.15.20.1
* gdbserver-14.2-150400.15.20.1
* gdb-14.2-150400.15.20.1
* gdbserver-debuginfo-14.2-150400.15.20.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* gdb-debugsource-14.2-150400.15.20.1
* gdb-debuginfo-14.2-150400.15.20.1
* gdbserver-14.2-150400.15.20.1
* gdb-14.2-150400.15.20.1
* gdbserver-debuginfo-14.2-150400.15.20.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* gdb-debugsource-14.2-150400.15.20.1
* gdb-debuginfo-14.2-150400.15.20.1
* gdbserver-14.2-150400.15.20.1
* gdb-14.2-150400.15.20.1
* gdbserver-debuginfo-14.2-150400.15.20.1
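
To confirm the update actually landed on a host, the check below (an added example, not part of the SUSE advisory) compares installed gdb and gdbserver packages against the fixed version-release 14.2-150400.15.20.1 from the package list above. The function names and the sample inventory are constructed for illustration, and `sort -V` is assumed to be an adequate stand-in for RPM's own version comparison on these numeric strings.

```shell
#!/bin/sh
# Fixed version-release, taken from this advisory's package list.
FIXED="14.2-150400.15.20.1"

# ver_lt A B: succeed when A sorts strictly before B.
# Assumption: `sort -V` ordering stands in for RPM's version comparison,
# which is adequate for these numeric, dot-separated strings.
ver_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# check_gdb_packages: read "name version-release" lines on stdin, print every
# gdb/gdbserver package still below FIXED, and return 1 if any was found.
# Other lines (unrelated packages, "package X is not installed") are skipped.
check_gdb_packages() {
    stale=0
    while read -r name verrel; do
        case "$name" in
            gdb|gdbserver) ;;
            *) continue ;;
        esac
        if ver_lt "$verrel" "$FIXED"; then
            echo "OUTDATED $name $verrel (need >= $FIXED)"
            stale=1
        fi
    done
    return "$stale"
}

# Constructed sample inventory (not taken from a real host): one package
# below the fixed version, one at it, and one unrelated package.
sample_inventory() {
    cat <<'EOF'
gdb 13.2-150400.15.14.1
gdbserver 14.2-150400.15.20.1
glibc 2.31-150300.63.1
EOF
}

# Demo run on the constructed data. On a real host, feed it with:
#   rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' gdb gdbserver | check_gdb_packages
sample_inventory | check_gdb_packages || true
```

A non-zero return from `check_gdb_packages` means at least one of the two packages still needs the patch, which makes the function usable as a gate in fleet compliance scripts.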

## References:

* https://www.suse.com/security/cve/CVE-2022-4806.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220490
* https://jira.suse.com/browse/PED-10258
* https://jira.suse.com/browse/PED-10751