NVD脆弱性詳細

CVE-2004-0554

概要	Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
公表日	2004年8月6日13:00
登録日	2021年1月29日18:00
最終更新日	2017年10月11日10:29

CVSS2.0 : LOW
スコア	2.1
ベクター	AV:L/AC:L/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
全ての特権を取得	いいえ
ユーザー権限を取得	いいえ
その他の権限を取得	いいえ
ユーザー操作が必要	いいえ

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:h:avaya:converged_communications_server:2.0:::::::*
cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:::::::*
cpe:2.3:o:gentoo:linux:1.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.18:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.19:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.21:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.22:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.23:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.24:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.25:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.26:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.0:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.6:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.7:rc1::::::
cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::workstation:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_servers:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::enterprise_server:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::workstation:::::
cpe:2.3:o:suse:suse_linux:7::enterprise_server:::::
cpe:2.3:o:suse:suse_linux:8::enterprise_server:::::
cpe:2.3:o:suse:suse_linux:8.0:::::::*
cpe:2.3:o:suse:suse_linux:8.0::i386:::::
cpe:2.3:o:suse:suse_linux:8.1:::::::*
cpe:2.3:o:suse:suse_linux:8.2:::::::*
cpe:2.3:o:suse:suse_linux:9.0:::::::*
cpe:2.3:o:suse:suse_linux:9.0::x86_64:::::
cpe:2.3:o:suse:suse_linux:9.1:::::::*

構成2	以上	以下	より上	未満
cpe:2.3:a:avaya:intuity_audix:::lx:::::*
cpe:2.3:a:suse:suse_email_server:3.1:::::::*
cpe:2.3:a:suse:suse_email_server:iii:::::::*
cpe:2.3:a:suse:suse_linux_admin-cd_for_firewall::::::::
cpe:2.3:a:suse:suse_linux_connectivity_server::::::::
cpe:2.3:a:suse:suse_linux_database_server::::::::
cpe:2.3:a:suse:suse_linux_firewall_cd::::::::
cpe:2.3:a:suse:suse_linux_office_server::::::::
cpe:2.3:a:suse:suse_office_server::::::::
cpe:2.3:h:avaya:s8300:r2.0.0:::::::*
cpe:2.3:h:avaya:s8300:r2.0.1:::::::*
cpe:2.3:h:avaya:s8500:r2.0.0:::::::*
cpe:2.3:h:avaya:s8500:r2.0.1:::::::*
cpe:2.3:h:avaya:s8700:r2.0.0:::::::*
cpe:2.3:h:avaya:s8700:r2.0.1:::::::*
cpe:2.3:o:conectiva:linux:8.0:::::::*
cpe:2.3:o:conectiva:linux:9.0:::::::*

関連情報、対策とツール

No	URL	refsource	タグ
1	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845	CONECTIVA
2	http://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905	MISC
3	http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html	MISC
4	http://lwn.net/Articles/91155/	FEDORA
5	http://marc.info/?l=bugtraq&m=108786114032681&w=2	BUGTRAQ
6	http://marc.info/?l=bugtraq&m=108793699910896&w=2	ENGARDE
7	http://marc.info/?l=linux-kernel&m=108681568931323&w=2	MLIST
8	http://secunia.com/advisories/20162	SECUNIA
9	http://secunia.com/advisories/20163	SECUNIA
10	http://secunia.com/advisories/20202	SECUNIA
11	http://secunia.com/advisories/20338	SECUNIA
12	http://security.gentoo.org/glsa/glsa-200407-02.xml	GENTOO
13	http://www.debian.org/security/2006/dsa-1067	DEBIAN
14	http://www.debian.org/security/2006/dsa-1069	DEBIAN
15	http://www.debian.org/security/2006/dsa-1070	DEBIAN
16	http://www.debian.org/security/2006/dsa-1082	DEBIAN
17	http://www.kb.cert.org/vuls/id/973654	CERT-VN	Third Party Advisory US Government Resource
18	http://www.mandriva.com/security/advisories?name=MDKSA-2004:062	MANDRAKE
19	http://www.novell.com/linux/security/advisories/2004_17_kernel.html	SUSE
20	http://www.redhat.com/support/errata/RHSA-2004-255.html	REDHAT
21	http://www.redhat.com/support/errata/RHSA-2004-260.html	REDHAT
22	http://www.securityfocus.com/bid/10538	BID
23	http://www.trustix.net/errata/2004/0034/	TRUSTIX
24	https://exchange.xforce.ibmcloud.com/vulnerabilities/16412	XF
25	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2915	OVAL
26	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9426	OVAL

共通脆弱性一覧

構成1	以上	以下	より上	未満
cpe:2.3:h:avaya:converged_communications_server:2.0:::::::*
cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:::::::*
cpe:2.3:o:gentoo:linux:1.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.18:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.19:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.21:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.22:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.23:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.24:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.25:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.26:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.0:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.6:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.7:rc1::::::
cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::workstation:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_servers:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::enterprise_server:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::workstation:::::
cpe:2.3:o:suse:suse_linux:7::enterprise_server:::::
cpe:2.3:o:suse:suse_linux:8::enterprise_server:::::
cpe:2.3:o:suse:suse_linux:8.0:::::::*
cpe:2.3:o:suse:suse_linux:8.0::i386:::::
cpe:2.3:o:suse:suse_linux:8.1:::::::*
cpe:2.3:o:suse:suse_linux:8.2:::::::*
cpe:2.3:o:suse:suse_linux:9.0:::::::*
cpe:2.3:o:suse:suse_linux:9.0::x86_64:::::
cpe:2.3:o:suse:suse_linux:9.1:::::::*

構成2	以上	以下	より上	未満
cpe:2.3:a:avaya:intuity_audix:::lx:::::*
cpe:2.3:a:suse:suse_email_server:3.1:::::::*
cpe:2.3:a:suse:suse_email_server:iii:::::::*
cpe:2.3:a:suse:suse_linux_admin-cd_for_firewall::::::::
cpe:2.3:a:suse:suse_linux_connectivity_server::::::::
cpe:2.3:a:suse:suse_linux_database_server::::::::
cpe:2.3:a:suse:suse_linux_firewall_cd::::::::
cpe:2.3:a:suse:suse_linux_office_server::::::::
cpe:2.3:a:suse:suse_office_server::::::::
cpe:2.3:h:avaya:s8300:r2.0.0:::::::*
cpe:2.3:h:avaya:s8300:r2.0.1:::::::*
cpe:2.3:h:avaya:s8500:r2.0.0:::::::*
cpe:2.3:h:avaya:s8500:r2.0.1:::::::*
cpe:2.3:h:avaya:s8700:r2.0.0:::::::*
cpe:2.3:h:avaya:s8700:r2.0.1:::::::*
cpe:2.3:o:conectiva:linux:8.0:::::::*
cpe:2.3:o:conectiva:linux:9.0:::::::*