National Cyber-Alert System

Vulnerability Summary for CVE-2004-0554

Overview

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Vulnerability Note: VU#973654

Name: VU#973654

Type: Advisory

Hyperlink:http://www.kb.cert.org/vuls/id/973654

External Source: XF

Name: linux-dos(16412)

Type: Advisory

Hyperlink:http://xforce.iss.net/xforce/xfdb/16412

External Source: TRUSTIX

Name: 2004-0034

Hyperlink:http://www.trustix.net/errata/2004/0034/

External Source: REDHAT

Name: RHSA-2004:260

Hyperlink:http://www.redhat.com/support/errata/RHSA-2004-260.html

External Source: REDHAT

Name: RHSA-2004:255

Hyperlink:http://www.redhat.com/support/errata/RHSA-2004-255.html

External Source: SUSE

Name: SuSE-SA:2004:017

Hyperlink:http://www.novell.com/linux/security/advisories/2004_17_kernel.html

External Source: GENTOO

Name: GLSA-200407-02

Hyperlink:http://security.gentoo.org/glsa/glsa-200407-02.xml

External Source: MLIST

Name: [linux-kernel] 20040609 timer + fpu stuff locks my console race

Hyperlink:http://marc.theaimsgroup.com/?l=linux-kernel&m=108681568931323&w=2

External Source: ENGARDE

Name: ESA-20040621-005

Hyperlink:http://marc.theaimsgroup.com/?l=bugtraq&m=108793699910896&w=2

External Source: FEDORA

Name: FEDORA-2004-186

Hyperlink:http://lwn.net/Articles/91155/

External Source: MISC

Name: http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html

Hyperlink:http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html

External Source: MISC

Name: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905

Hyperlink:http://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905

External Source: CONECTIVA

Name: CLA-2004:845

Hyperlink:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845

External Source: BID

Name: 10538

Hyperlink:http://www.securityfocus.com/bid/10538

External Source: MANDRAKE

Name: MDKSA-2004:062

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2004:062

External Source: DEBIAN

Name: DSA-1082

Hyperlink:http://www.debian.org/security/2006/dsa-1082

External Source: DEBIAN

Name: DSA-1070

Hyperlink:http://www.debian.org/security/2006/dsa-1070

External Source: DEBIAN

Name: DSA-1069

Hyperlink:http://www.debian.org/security/2006/dsa-1069

External Source: DEBIAN

Name: DSA-1067

Hyperlink:http://www.debian.org/security/2006/dsa-1067

External Source: SECUNIA

Name: 20338

Hyperlink:http://secunia.com/advisories/20338

External Source: SECUNIA

Name: 20202

Hyperlink:http://secunia.com/advisories/20202

External Source: SECUNIA

Name: 20163

Hyperlink:http://secunia.com/advisories/20163

External Source: SECUNIA

Name: 20162

Hyperlink:http://secunia.com/advisories/20162

External Source: BUGTRAQ

Name: 20040620 TSSA-2004-011 - kernel

Hyperlink:http://marc.theaimsgroup.com/?l=bugtraq&m=108786114032681&w=2

US Government Resource: oval:org.mitre.oval:def:2915

Name: oval:org.mitre.oval:def:2915

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2915