It was discovered [1],[2] the the GNU Debugger (gdb) would load untrusted files from the current working directory when .debug_gdb_scripts was defined. While this was a design decision, it is an insecure one and users who do not pre-inspect untrusted files may execute arbitrary code with their privileges. [1] http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html [2] http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html
Created gdb tracking bugs for this issue Affects: fedora-all [bug 756117]
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:0522 https://rhn.redhat.com/errata/RHSA-2013-0522.html