1. CVE-Search
  2. CVE-2008-1367
ID CVE-2008-1367
Summary gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL. Subscription required to access Link 1014774
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:gcc:4.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gcc:4.3:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 29-09-2017 - 01:30)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
oval via4
accepted 2013-04-29T04:11:33.596-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL.
family unix
id oval:org.mitre.oval:def:11108
status accepted
submitted 2010-07-09T03:56:16-04:00
title gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL.
version 30
redhat via4
advisories
  • rhsa
    id RHSA-2008:0211
  • rhsa
    id RHSA-2008:0233
  • rhsa
    id RHSA-2008:0508
rpms
  • kernel-0:2.4.21-57.EL
  • kernel-BOOT-0:2.4.21-57.EL
  • kernel-debuginfo-0:2.4.21-57.EL
  • kernel-doc-0:2.4.21-57.EL
  • kernel-hugemem-0:2.4.21-57.EL
  • kernel-hugemem-unsupported-0:2.4.21-57.EL
  • kernel-smp-0:2.4.21-57.EL
  • kernel-smp-unsupported-0:2.4.21-57.EL
  • kernel-source-0:2.4.21-57.EL
  • kernel-unsupported-0:2.4.21-57.EL
  • kernel-0:2.6.18-53.1.19.el5
  • kernel-PAE-0:2.6.18-53.1.19.el5
  • kernel-PAE-debuginfo-0:2.6.18-53.1.19.el5
  • kernel-PAE-devel-0:2.6.18-53.1.19.el5
  • kernel-debug-0:2.6.18-53.1.19.el5
  • kernel-debug-debuginfo-0:2.6.18-53.1.19.el5
  • kernel-debug-devel-0:2.6.18-53.1.19.el5
  • kernel-debuginfo-0:2.6.18-53.1.19.el5
  • kernel-debuginfo-common-0:2.6.18-53.1.19.el5
  • kernel-devel-0:2.6.18-53.1.19.el5
  • kernel-doc-0:2.6.18-53.1.19.el5
  • kernel-headers-0:2.6.18-53.1.19.el5
  • kernel-kdump-0:2.6.18-53.1.19.el5
  • kernel-kdump-debuginfo-0:2.6.18-53.1.19.el5
  • kernel-kdump-devel-0:2.6.18-53.1.19.el5
  • kernel-xen-0:2.6.18-53.1.19.el5
  • kernel-xen-debuginfo-0:2.6.18-53.1.19.el5
  • kernel-xen-devel-0:2.6.18-53.1.19.el5
  • kernel-0:2.6.9-67.0.20.EL
  • kernel-debuginfo-0:2.6.9-67.0.20.EL
  • kernel-devel-0:2.6.9-67.0.20.EL
  • kernel-doc-0:2.6.9-67.0.20.EL
  • kernel-hugemem-0:2.6.9-67.0.20.EL
  • kernel-hugemem-devel-0:2.6.9-67.0.20.EL
  • kernel-largesmp-0:2.6.9-67.0.20.EL
  • kernel-largesmp-devel-0:2.6.9-67.0.20.EL
  • kernel-smp-0:2.6.9-67.0.20.EL
  • kernel-smp-devel-0:2.6.9-67.0.20.EL
  • kernel-xenU-0:2.6.9-67.0.20.EL
  • kernel-xenU-devel-0:2.6.9-67.0.20.EL
refmap via4
bid 29084
confirm
misc http://lwn.net/Articles/272048/#Comments
mlist
  • [Security-announce] 20080728 VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix
  • [gcc-patches] 20080306 Re: [PATCH, i386]: Emit cld instruction when stringops are used
  • [gcc-patches] 20080306 [PATCH, i386]: Emit cld instruction when stringops are used
  • [gcc-patches] 20080307 Re: [PATCH, i386]: Emit cld instruction when stringops are used
  • [git-commits-head] 20080307 x86: clear DF before calling signal handler
  • [linux-kernel] 20080305 Linux doesn't follow x86/x86-64 ABI wrt direction flag
secunia
  • 30110
  • 30116
  • 30818
  • 30850
  • 30890
  • 30962
  • 31246
suse
  • SUSE-SA:2008:030
  • SUSE-SA:2008:031
  • SUSE-SA:2008:032
vupen ADV-2008-2222
xf gcc-cld-dos(41340)
Last major update 29-09-2017 - 01:30
Published 17-03-2008 - 23:44
Last modified 29-09-2017 - 01:30
Back to Top