CVE-2004-0554

Description

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.

Affected products

• Avaya / converged_communications_server2.0 – 2.0
• Avaya / intuity_audix
• Avaya / modular_messaging_message_storage_servers3400 – s3400
• Avaya / s8300r2.0.1 – r2.0.1
• Avaya / s8300r2.0.0 – r2.0.0
• Avaya / s8500r2.0.1 – r2.0.1
• Avaya / s8500r2.0.0 – r2.0.0
• Avaya / s8700r2.0.1 – r2.0.1
• Avaya / s8700r2.0.0 – r2.0.0
• conectiva / linux9.0 – 9.0
• conectiva / linux8.0 – 8.0
• gentoo / linux1.4 – 1.4
• Linux / Linux kernel2.6.2 – 2.6.2
• Linux / Linux kernel2.6.3 – 2.6.3
• Linux / Linux kernel2.6.4 – 2.6.4
• Linux / Linux kernel2.6.5 – 2.6.5
• Linux / Linux kernel2.6.6 – 2.6.6
• Linux / Linux kernel2.6.6 – 2.6.6
• Linux / Linux kernel2.6.7 – 2.6.7
• Linux / Linux kernel2.6.7 – 2.6.7
• Linux / Linux kernel2.6.1 – 2.6.1
• Linux / Linux kernel2.4.18 – 2.4.18
• Linux / Linux kernel2.4.19 – 2.4.19
• Linux / Linux kernel2.4.21 – 2.4.21
• Linux / Linux kernel2.4.22 – 2.4.22
• Linux / Linux kernel2.4.23 – 2.4.23
• Linux / Linux kernel2.4.24 – 2.4.24
• Linux / Linux kernel2.4.25 – 2.4.25
• Linux / Linux kernel2.4.26 – 2.4.26
• Linux / Linux kernel2.6.0 – 2.6.0
• Linux / Linux kernel2.6.1 – 2.6.1
• Linux / Linux kernel2.6.1 – 2.6.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux3.0 – 3.0
• RedHat / enterprise_linux3.0 – 3.0
• RedHat / enterprise_linux3.0 – 3.0
• SUSE / suse_email_server3.1 – 3.1
• SUSE / suse_email_serveriii – iii
• SUSE / suse_linux7 – 7
• SUSE / suse_linux8.0 – 8.0
• SUSE / suse_linux8.1 – 8.1
• SUSE / suse_linux8.2 – 8.2
• SUSE / suse_linux9.0 – 9.0
• SUSE / suse_linux9.0 – 9.0
• SUSE / suse_linux9.1 – 9.1
• SUSE / suse_linux8.0 – 8.0
• SUSE / suse_linux8 – 8
• SUSE / suse_linux_admin-cd_for_firewall
• SUSE / suse_linux_connectivity_server
• SUSE / suse_linux_database_server
• SUSE / suse_linux_firewall_cd
• SUSE / suse_linux_office_server
• SUSE / suse_office_server

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/20163
• MISChttp://www.kb.cert.org/vuls/id/973654
• MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9426
• VENDOR_ADVISORYhttp://www.debian.org/security/2006/dsa-1082
• MISChttp://www.redhat.com/support/errata/RHSA-2004-255.html
• MISChttp://linuxreviews.org/news/2004-06-11_kernel_crash/index.html
• MISChttp://www.securityfocus.com/bid/10538
• MISChttp://www.redhat.com/support/errata/RHSA-2004-260.html
• MISChttp://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905
• VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/2004_17_kernel.html
• MISChttp://www.trustix.net/errata/2004/0034/
• VENDOR_ADVISORYhttp://www.debian.org/security/2006/dsa-1070
• MISChttp://lwn.net/Articles/91155/
• VENDOR_ADVISORYhttp://secunia.com/advisories/20162
• MAILING_LISThttp://marc.info/?l=bugtraq&m=108786114032681&w=2
• MAILING_LISThttp://marc.info/?l=bugtraq&m=108793699910896&w=2
• MISChttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845
• VENDOR_ADVISORYhttp://www.debian.org/security/2006/dsa-1067
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/16412
• VENDOR_ADVISORYhttp://www.debian.org/security/2006/dsa-1069
• MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2915
• VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2004:062
• VENDOR_ADVISORYhttp://secunia.com/advisories/20202
• MISChttp://security.gentoo.org/glsa/glsa-200407-02.xml
• MAILING_LISThttp://marc.info/?l=linux-kernel&m=108681568931323&w=2
• VENDOR_ADVISORYhttp://secunia.com/advisories/20338