CVE-2008-1367 (CNNVD-200803-258)

HIGH
中文标题:
Linux Kernel Direction Flag本地内存崩溃漏洞
英文标题:
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation...
CVSS分数: 7.5
发布时间: 2008-03-17 23:00:00
漏洞类型: 资源管理错误
状态: PUBLISHED
数据质量分数: 0.30
数据版本: v3
漏洞描述
中文描述:

gcc 在编辑用于如memcpy 和 memmove on x86 以及 i386那样的字符串处理函数时,不会产生一个cld指令,这会阻止direction flag (DF)违背ABI惯例时重新启动并造成在Linux内核程序处理信号的时候把数据拷贝在错误的方向从而允许依靠内容的攻击者处罚内存破坏。注意:该漏洞原本被报道成会引起SBCL中的CPU损耗。

英文描述:

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL.

CWE类型:
CWE-399
标签:
(暂无数据)
受影响产品
厂商 产品 版本 版本范围 平台 CPE
gnu gcc 4.3 - - cpe:2.3:a:gnu:gcc:4.3:*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
30962 third-party-advisory
cve.org
访问
[gcc-patches] 20080307 Re: [PATCH, i386]: Emit cld instruction when stringops are used mailing-list
cve.org
访问
[gcc-patches] 20080306 Re: [PATCH, i386]: Emit cld instruction when stringops are used mailing-list
cve.org
访问
[gcc-patches] 20080306 Re: [PATCH, i386]: Emit cld instruction when stringops are used mailing-list
cve.org
访问
无标题 x_refsource_CONFIRM
cve.org
访问
[linux-kernel] 20080305 Linux doesn't follow x86/x86-64 ABI wrt direction flag mailing-list
cve.org
访问
30850 third-party-advisory
cve.org
访问
30116 third-party-advisory
cve.org
访问
RHSA-2008:0233 vendor-advisory
cve.org
访问
30110 third-party-advisory
cve.org
访问
SUSE-SA:2008:031 vendor-advisory
cve.org
访问
ADV-2008-2222 vdb-entry
cve.org
访问
[git-commits-head] 20080307 x86: clear DF before calling signal handler mailing-list
cve.org
访问
29084 vdb-entry
cve.org
访问
gcc-cld-dos(41340) vdb-entry
cve.org
访问
无标题 x_refsource_CONFIRM
cve.org
访问
无标题 x_refsource_MISC
cve.org
访问
RHSA-2008:0211 vendor-advisory
cve.org
访问
oval:org.mitre.oval:def:11108 vdb-entry
cve.org
访问
30890 third-party-advisory
cve.org
访问
RHSA-2008:0508 vendor-advisory
cve.org
访问
[Security-announce] 20080728 VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix mailing-list
cve.org
访问
SUSE-SA:2008:030 vendor-advisory
cve.org
访问
无标题 x_refsource_CONFIRM
cve.org
访问
31246 third-party-advisory
cve.org
访问
[gcc-patches] 20080306 [PATCH, i386]: Emit cld instruction when stringops are used mailing-list
cve.org
访问
30818 third-party-advisory
cve.org
访问
SUSE-SA:2008:032 vendor-advisory
cve.org
访问
CVSS评分详情
7.5
HIGH
CVSS向量: AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS版本: 2.0
机密性
PARTIAL
完整性
PARTIAL
可用性
PARTIAL
时间信息
发布时间:
2008-03-17 23:00:00
修改时间:
2024-08-07 08:17:34
创建时间:
2025-11-11 15:32:51
更新时间:
2025-11-11 15:49:24
利用信息
暂无可利用代码信息
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2008-1367 2025-11-11 15:17:59 2025-11-11 07:32:51
NVD nvd_CVE-2008-1367 2025-11-11 14:52:33 2025-11-11 07:41:37
CNNVD cnnvd_CNNVD-200803-258 2025-11-11 15:09:00 2025-11-11 07:49:24
版本与语言
当前版本: v3
主要语言: EN
支持语言:
EN ZH
安全公告
暂无安全公告信息
变更历史
v3 CNNVD
2025-11-11 15:49:24
vulnerability_type: 未提取 → 资源管理错误; cnnvd_id: 未提取 → CNNVD-200803-258; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
  • vulnerability_type: 未提取 -> 资源管理错误
  • cnnvd_id: 未提取 -> CNNVD-200803-258
  • data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2 NVD
2025-11-11 15:41:37
severity: SeverityLevel.MEDIUM → SeverityLevel.HIGH; cvss_score: 未提取 → 7.5; cvss_vector: NOT_EXTRACTED → AV:N/AC:L/Au:N/C:P/I:P/A:P; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 1; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
  • cvss_score: 未提取 -> 7.5
  • cvss_vector: NOT_EXTRACTED -> AV:N/AC:L/Au:N/C:P/I:P/A:P
  • cvss_version: NOT_EXTRACTED -> 2.0
  • affected_products_count: 0 -> 1
  • data_sources: ['cve'] -> ['cve', 'nvd']