Strix
26.1K

CVE-2004-0554

UnknownEPSS 0.87%

Last modified

CVE-2004-0554 is a vulnerability of currently unknown severity. Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.. EPSS estimates a 0.87% chance of exploitation in the next 30 days.

Description

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.

Metrics

EPSS Probability
0.87%

54.1th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
AvayaConverged Communications Server2.0
AvayaModular Messaging Message Storage Servers3400
GentooLinux1.4
LinuxLinux Kernel2.4.18
LinuxLinux Kernel2.4.19
LinuxLinux Kernel2.4.21
LinuxLinux Kernel2.4.22
LinuxLinux Kernel2.4.23
LinuxLinux Kernel2.4.24
LinuxLinux Kernel2.4.25
LinuxLinux Kernel2.4.26
LinuxLinux Kernel2.6.0
LinuxLinux Kernel2.6.1
LinuxLinux Kernel2.6.2
LinuxLinux Kernel2.6.3
LinuxLinux Kernel2.6.4
LinuxLinux Kernel2.6.5
LinuxLinux Kernel2.6.6
LinuxLinux Kernel2.6.7
RedhatEnterprise Linux2.1
RedhatEnterprise Linux3.0
SuseSuse Linux7
SuseSuse Linux8
SuseSuse Linux8.0
SuseSuse Linux8.1
SuseSuse Linux8.2
SuseSuse Linux9.0
SuseSuse Linux9.1
AvayaIntuity AudixAll versions
SuseSuse Email Server3.1
SuseSuse Email Serveriii
SuseSuse Linux Admin-Cd For FirewallAll versions
SuseSuse Linux Connectivity ServerAll versions
SuseSuse Linux Database ServerAll versions
SuseSuse Linux Firewall CdAll versions
SuseSuse Linux Office ServerAll versions
SuseSuse Office ServerAll versions
AvayaS8300r2.0.0
AvayaS8300r2.0.1
AvayaS8500r2.0.0
AvayaS8500r2.0.1
AvayaS8700r2.0.0
AvayaS8700r2.0.1
ConectivaLinux8.0
ConectivaLinux9.0

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2004-0554?
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
How severe is CVE-2004-0554?
Severity scoring for CVE-2004-0554 is pending analysis. The EPSS model estimates a 0.87% probability of exploitation in the next 30 days.
How do I fix CVE-2004-0554?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2004-0554?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST