Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-1367
HistoryMar 17, 2008 - 11:44 p.m.

CVE-2008-1367

2008-03-1723:44:00
CWE-399
[email protected]
web.nvd.nist.gov
40
cve-2008-1367
gcc 4.3.x
cld instruction
data corruption
linux kernel
memory corruption
abi conventions
x86
i386
memcpy
memmove

5.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.7%

JSON

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL.

CPENameOperatorVersion
gnu:gccgnu gcceq4.3

References

Related

prion 1
debiancve 1
veracode 1
ubuntucve 1
openvas 20
nessus 17
centos 3
redhat 3
suse 3
oraclelinux 4
vmware 2
prion
prion
Memory corruption
2008-03-17 23:44:00
debiancve
debiancve
CVE-2008-1367
2008-03-17 23:44:00
veracode
veracode
Privilege Escalation
2020-04-10 00:27:34
ubuntucve
ubuntucve
CVE-2008-1367
2008-03-17 00:00:00
openvas
openvas
RedHat Update for kernel RHSA-2008:0508-01
2009-03-06 00:00:00
CentOS Update for kernel CESA-2008:0508 centos4 i386
2009-02-27 00:00:00
SuSE Update for kernel SUSE-SA:2008:031
2009-01-23 00:00:00
nessus
nessus
RHEL 4 : kernel (RHSA-2008:0508)
2008-07-02 00:00:00
Scientific Linux Security Update : kernel on SL4.x i386/x86_64
2012-08-01 00:00:00
Oracle Linux 4 : kernel (ELSA-2008-0508)
2013-07-12 00:00:00
centos
centos
kernel security update
2008-06-27 10:43:30
kernel security update
2008-05-09 09:41:42
kernel security update
2008-05-07 14:58:01
redhat
redhat
(RHSA-2008:0508) Important: kernel security and bug fix update
2008-06-25 00:00:00
(RHSA-2008:0233) Important: kernel security and bug fix update
2008-05-07 00:00:00
(RHSA-2008:0211) Important: kernel security and bug fix update
2008-05-07 00:00:00
suse
suse
remote denial of service in kernel
2008-07-02 13:19:53
remote denial of service in kernel
2008-07-07 14:54:24
remote denial of service in kernel
2008-06-20 16:05:15
oraclelinux
oraclelinux
kernel security and bug fix update
2008-05-08 00:00:00
kernel security and bug fix update
2008-06-26 00:00:00
kernel security and bug fix update
2008-05-07 00:00:00
vmware
vmware
Updated ESX service console packages for Samba and vmnix
2008-07-28 00:00:00
Updated ESX service console packages for Samba and vmnix
2008-07-28 00:00:00

5.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.7%

JSON
Related for CVE-2008-1367
prion1debiancve1veracode1ubuntucve1openvas20nessus17centos3redhat3suse3oraclelinux4vmware2