CVE-2008-1367

N/A Unknown
Published: March 17, 2008 Modified: April 23, 2026
View on NVD

Description

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469058
Source: cve@mitre.org
http://gcc.gnu.org/ml/gcc-patches/2008-03/msg00417.html
Source: cve@mitre.org
http://gcc.gnu.org/ml/gcc-patches/2008-03/msg00428.html
Source: cve@mitre.org
http://gcc.gnu.org/ml/gcc-patches/2008-03/msg00432.html
Source: cve@mitre.org
http://gcc.gnu.org/ml/gcc-patches/2008-03/msg00499.html
Source: cve@mitre.org
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e40cd10ccff3d9fbffd57b93780bee4b7b9bff51
Source: cve@mitre.org
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
Source: cve@mitre.org
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00000.html
Source: cve@mitre.org
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html
Source: cve@mitre.org
http://lists.vmware.com/pipermail/security-announce/2008/000023.html
Source: cve@mitre.org
http://lkml.org/lkml/2008/3/5/207
Source: cve@mitre.org
Exploit
http://lwn.net/Articles/272048/#Comments
Source: cve@mitre.org
http://marc.info/?l=git-commits-head&m=120492000901739&w=2
Source: cve@mitre.org
http://rhn.redhat.com/errata/RHSA-2008-0508.html
Source: cve@mitre.org
http://secunia.com/advisories/30110
Source: cve@mitre.org
http://secunia.com/advisories/30116
Source: cve@mitre.org
http://secunia.com/advisories/30818
Source: cve@mitre.org
http://secunia.com/advisories/30850
Source: cve@mitre.org
http://secunia.com/advisories/30890
Source: cve@mitre.org
http://secunia.com/advisories/30962
Source: cve@mitre.org
http://secunia.com/advisories/31246
Source: cve@mitre.org
http://www.redhat.com/support/errata/RHSA-2008-0211.html
Source: cve@mitre.org
http://www.redhat.com/support/errata/RHSA-2008-0233.html
Source: cve@mitre.org
http://www.securityfocus.com/bid/29084
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2008/2222/references
Source: cve@mitre.org
https://bugzilla.redhat.com/show_bug.cgi?id=437312
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/41340
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11108
Source: cve@mitre.org
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469058
Source: af854a3a-2127-422b-91ae-364da2661108
http://gcc.gnu.org/ml/gcc-patches/2008-03/msg00417.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://gcc.gnu.org/ml/gcc-patches/2008-03/msg00428.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://gcc.gnu.org/ml/gcc-patches/2008-03/msg00432.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://gcc.gnu.org/ml/gcc-patches/2008-03/msg00499.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e40cd10ccff3d9fbffd57b93780bee4b7b9bff51
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.vmware.com/pipermail/security-announce/2008/000023.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lkml.org/lkml/2008/3/5/207
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
http://lwn.net/Articles/272048/#Comments
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=git-commits-head&m=120492000901739&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2008-0508.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/30110
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/30116
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/30818
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/30850
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/30890
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/30962
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/31246
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2008-0211.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2008-0233.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/29084
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/2222/references
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=437312
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/41340
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11108
Source: af854a3a-2127-422b-91ae-364da2661108

56 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
2.8%
85th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-399

Affected Vendors

gnu

Related CVEs

CVE-2026-9677 N/A
CVE-2026-13245 6.1
CVE-2026-12404 5.3
CVE-2026-10820 N/A
CVE-2026-12415 9.8