CVE-2009-1046

Common Vulnerabilities and Exposures

Upstream information

CVE-2009-1046 at MITRE

Description

The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an "an off-by-two memory error." NOTE: it is not clear whether this issue crosses privilege boundaries.

NVD CVSS v2 Base Score: 4.7 (AV:L/AC:M/Au:N/C:N/I:N/A:C)

Novell/SUSE information

Novell Bugzilla entry: 478699

SUSE Security Advisories:

SUSE-SA:2009:017, published Fri, 03 Apr 2009 12:00:00 +0000
SUSE-SA:2009:045, published Thu, 20 Aug 2009 13:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T	`kernel-default >= 2.6.16.60-0.37_f594963d` `kernel-smp >= 2.6.16.60-0.37_f594963d` `kernel-source >= 2.6.16.60-0.37_f594963d` `kernel-syms >= 2.6.16.60-0.37_f594963d` `kernel-xen >= 2.6.16.60-0.37_f594963d`	sle10-sp2-sdk.x86-64 sles10-sp2-debuginfo.x86-64 sles10-sp2.x86-64 sled10-sp2.x86-64 ZYPP Patch Nr: 6113
SUSE Linux Enterprise 10 SP2 DEBUGINFO for AMD64 and Intel EM64T	`kernel-debug-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-default-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-kdump-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-smp-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-source-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-xen-debuginfo >= 2.6.16.60-0.37_f594963d`	sle10-sp2-sdk.x86-64 sles10-sp2-debuginfo.x86-64 sles10-sp2.x86-64 sled10-sp2.x86-64 ZYPP Patch Nr: 6113
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T	`kernel-debug >= 2.6.16.60-0.37_f594963d` `kernel-default >= 2.6.16.60-0.37_f594963d` `kernel-kdump >= 2.6.16.60-0.37_f594963d` `kernel-smp >= 2.6.16.60-0.37_f594963d` `kernel-source >= 2.6.16.60-0.37_f594963d` `kernel-syms >= 2.6.16.60-0.37_f594963d` `kernel-xen >= 2.6.16.60-0.37_f594963d`	sle10-sp2-sdk.x86-64 sles10-sp2-debuginfo.x86-64 sles10-sp2.x86-64 sled10-sp2.x86-64 ZYPP Patch Nr: 6113
SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM zSeries 64bit	`kernel-default-debuginfo >= 2.6.16.60-0.37_f594963d`	sles10-sp2.s390x sles10-sp2-debuginfo.s390x ZYPP Patch Nr: 6112
SUSE Linux Enterprise Server 10 SP2 for IBM zSeries 64bit	`kernel-default >= 2.6.16.60-0.37_f594963d` `kernel-source >= 2.6.16.60-0.37_f594963d` `kernel-syms >= 2.6.16.60-0.37_f594963d`	sles10-sp2.s390x sles10-sp2-debuginfo.s390x ZYPP Patch Nr: 6112
SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM POWER	`kernel-default-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-iseries64-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-kdump-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-ppc64-debuginfo >= 2.6.16.60-0.37_f594963d`	sle10-sp2-sdk.ppc sles10-sp2-debuginfo.ppc sles10-sp2.ppc ZYPP Patch Nr: 6111
SUSE Linux Enterprise Server 10 SP2 for IBM POWER	`kernel-default >= 2.6.16.60-0.37_f594963d` `kernel-iseries64 >= 2.6.16.60-0.37_f594963d` `kernel-kdump >= 2.6.16.60-0.37_f594963d` `kernel-ppc64 >= 2.6.16.60-0.37_f594963d` `kernel-source >= 2.6.16.60-0.37_f594963d` `kernel-syms >= 2.6.16.60-0.37_f594963d`	sle10-sp2-sdk.ppc sles10-sp2-debuginfo.ppc sles10-sp2.ppc ZYPP Patch Nr: 6111
SUSE Linux Enterprise 10 SP2 DEBUGINFO for IPF	`kernel-debug-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-default-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-source-debuginfo >= 2.6.16.60-0.37_f594963d`	sle10-sp2-sdk.ia64 sles10-sp2.ia64 sles10-sp2-debuginfo.ia64 ZYPP Patch Nr: 6110
SUSE Linux Enterprise Server 10 SP2 for IPF	`kernel-debug >= 2.6.16.60-0.37_f594963d` `kernel-default >= 2.6.16.60-0.37_f594963d` `kernel-source >= 2.6.16.60-0.37_f594963d` `kernel-syms >= 2.6.16.60-0.37_f594963d`	sle10-sp2-sdk.ia64 sles10-sp2.ia64 sles10-sp2-debuginfo.ia64 ZYPP Patch Nr: 6110
SUSE Linux Enterprise Desktop 10 SP2 for x86	`kernel-bigsmp >= 2.6.16.60-0.37_f594963d` `kernel-default >= 2.6.16.60-0.37_f594963d` `kernel-smp >= 2.6.16.60-0.37_f594963d` `kernel-source >= 2.6.16.60-0.37_f594963d` `kernel-syms >= 2.6.16.60-0.37_f594963d` `kernel-xen >= 2.6.16.60-0.37_f594963d` `kernel-xenpae >= 2.6.16.60-0.37_f594963d`	sles10-sp2.x86 sled10-sp2.x86 sle10-sp2-sdk.x86 sles10-sp2-debuginfo.x86 ZYPP Patch Nr: 6109
SUSE Linux Enterprise 10 SP2 DEBUGINFO for x86	`kernel-bigsmp-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-debug-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-default-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-kdump-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-smp-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-source-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-xen-debuginfo >= 2.6.16.60-0.37_f594963d` `kernel-xenpae-debuginfo >= 2.6.16.60-0.37_f594963d`	sles10-sp2.x86 sled10-sp2.x86 sle10-sp2-sdk.x86 sles10-sp2-debuginfo.x86 ZYPP Patch Nr: 6109
SUSE Linux Enterprise Server 10 SP2 for x86	`kernel-bigsmp >= 2.6.16.60-0.37_f594963d` `kernel-debug >= 2.6.16.60-0.37_f594963d` `kernel-default >= 2.6.16.60-0.37_f594963d` `kernel-kdump >= 2.6.16.60-0.37_f594963d` `kernel-smp >= 2.6.16.60-0.37_f594963d` `kernel-source >= 2.6.16.60-0.37_f594963d` `kernel-syms >= 2.6.16.60-0.37_f594963d` `kernel-vmi >= 2.6.16.60-0.37_f594963d` `kernel-vmipae >= 2.6.16.60-0.37_f594963d` `kernel-xen >= 2.6.16.60-0.37_f594963d` `kernel-xenpae >= 2.6.16.60-0.37_f594963d`	sles10-sp2.x86 sled10-sp2.x86 sle10-sp2-sdk.x86 sles10-sp2-debuginfo.x86 ZYPP Patch Nr: 6109

Markets

Products By Category

Novell

NetIQ (Moving soon to NetIQ.com)

A-Z

Contribute