Details
The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an "an off-by-two memory error." NOTE: it is not clear whether this issue crosses privilege boundaries.Novell Bugzilla entry: 478699 SUSE Security Advisories:
- SUSE-SA:2009:017 , published Fri, 03 Apr 2009 12:00:00 +0000
- SUSE-SA:2009:045 , published Thu, 20 Aug 2009 13:00:00 +0000
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T |
| sles10-sp2-sdk. x86-64 sles10-sp2-debuginfo. x86-64 sles10-sp2-debuginfo. x86-64 sled10-sp2-debuginfo. x86-64 ZYPP Patch Nr: 6113 |
| SUSE Linux Enterprise 10 SP2 DEBUGINFO for AMD64 and Intel EM64T |
| sles10-sp2-sdk. x86-64 sles10-sp2-debuginfo. x86-64 sles10-sp2-debuginfo. x86-64 sled10-sp2-debuginfo. x86-64 ZYPP Patch Nr: 6113 |
| SLE SDK 10 SP2 for X86-64 |
| sles10-sp2-sdk. x86-64 sles10-sp2-debuginfo. x86-64 sles10-sp2-debuginfo. x86-64 sled10-sp2-debuginfo. x86-64 ZYPP Patch Nr: 6113 |
| SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T |
| sles10-sp2-sdk. x86-64 sles10-sp2-debuginfo. x86-64 sles10-sp2-debuginfo. x86-64 sled10-sp2-debuginfo. x86-64 ZYPP Patch Nr: 6113 |
| SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM zSeries 64bit |
| sles10-sp2-debuginfo. s390x sles10-sp2-debuginfo. s390x ZYPP Patch Nr: 6112 |
| SUSE Linux Enterprise Server 10 SP2 for IBM zSeries 64bit |
| sles10-sp2-debuginfo. s390x sles10-sp2-debuginfo. s390x ZYPP Patch Nr: 6112 |
| SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM POWER |
| sles10-sp2-sdk. ppc sles10-sp2-debuginfo. ppc sles10-sp2-debuginfo. ppc ZYPP Patch Nr: 6111 |
| SLE SDK 10 SP2 for IBM iSeries and IBM pSeries |
| sles10-sp2-sdk. ppc sles10-sp2-debuginfo. ppc sles10-sp2-debuginfo. ppc ZYPP Patch Nr: 6111 |
| SUSE Linux Enterprise Server 10 SP2 for IBM POWER |
| sles10-sp2-sdk. ppc sles10-sp2-debuginfo. ppc sles10-sp2-debuginfo. ppc ZYPP Patch Nr: 6111 |
| openSUSE 11.0 |
| SAT Patch Nr: 1211 |
| openSUSE 11.0 |
| SAT Patch Nr: 1211 |
| SUSE Linux Enterprise 10 SP2 DEBUGINFO for IPF |
| sles10-sp2-sdk. ia64 sles10-sp2-debuginfo. ia64 sles10-sp2-debuginfo. ia64 ZYPP Patch Nr: 6110 |
| SLE SDK 10 SP2 for IPF |
| sles10-sp2-sdk. ia64 sles10-sp2-debuginfo. ia64 sles10-sp2-debuginfo. ia64 ZYPP Patch Nr: 6110 |
| SUSE Linux Enterprise Server 10 SP2 for IPF |
| sles10-sp2-sdk. ia64 sles10-sp2-debuginfo. ia64 sles10-sp2-debuginfo. ia64 ZYPP Patch Nr: 6110 |
| SUSE Linux Enterprise Desktop 10 SP2 for x86 |
| sles10-sp2-debuginfo. x86 sled10-sp2-debuginfo. x86 sles10-sp2-sdk. x86 sles10-sp2-debuginfo. x86 ZYPP Patch Nr: 6109 |
| SUSE Linux Enterprise 10 SP2 DEBUGINFO for x86 |
| sles10-sp2-debuginfo. x86 sled10-sp2-debuginfo. x86 sles10-sp2-sdk. x86 sles10-sp2-debuginfo. x86 ZYPP Patch Nr: 6109 |
| SLE SDK 10 SP2 for x86 |
| sles10-sp2-debuginfo. x86 sled10-sp2-debuginfo. x86 sles10-sp2-sdk. x86 sles10-sp2-debuginfo. x86 ZYPP Patch Nr: 6109 |
| SUSE Linux Enterprise Server 10 SP2 for x86 |
| sles10-sp2-debuginfo. x86 sled10-sp2-debuginfo. x86 sles10-sp2-sdk. x86 sles10-sp2-debuginfo. x86 ZYPP Patch Nr: 6109 |