CVE-2009-1046

Name of the Vulnerable Software and Affected Versions SUSE Linux Enterprise kernel-default-base (affected versions not specified) openSUSE kernel-pseries64 (affected versions not specified) openSUSE kernel-s390-debug (affected versions not specified) openSUSE kernel-smp-debuginfo (affected versions not specified) SUSE Linux Enterprise kernel-pae (affected versions not specified) SUSE Linux Enterprise kernel-default-debugsource (affected versions not specified) openSUSE kernel-pmac64 (affected versions not specified) openSUSE kexec-tools (affected versions not specified) SUSE Linux Enterprise cluster-network-kmp-pae (affected versions not specified) openSUSE appleir-kmp-debug (affected versions not specified) SUSE Linux Enterprise kernel-pae-extra (affected versions not specified) openSUSE kernel-xenpae (affected versions not specified) SUSE Linux Enterprise kernel-pae-base (affected versions not specified) openSUSE kernel-s390x (affected versions not specified) openSUSE kernel-s390x-debug (affected versions not specified) openSUSE kernel-64k-pagesize (affected versions not specified) openSUSE acx-kmp-debug (affected versions not specified) openSUSE pcc-acpi-kmp-debug (affected versions not specified) openSUSE kexec-tools-debuginfo (affected versions not specified) Linux kernel versions prior to 2.6.28.4 (affected versions not specified) SUSE Linux Enterprise kernel-ec2-base (affected versions not specified) openSUSE um-host-install-initrd (affected versions not specified) openSUSE kernel-vmipae (affected versions not specified) SUSE Linux Enterprise ext4dev-kmp-default (affected versions not specified) openSUSE kernel-iseries64-debuginfo (affected versions not specified) openSUSE um-host-kernel (affected versions not specified) openSUSE kernel-smp (affected versions not specified) SUSE Linux Enterprise kernel-ec2 (affected versions not specified) SUSE Linux Enterprise ocfs2-kmp-xen (affected versions not specified) SUSE Linux Enterprise ocfs2-kmp-default (affected versions not specified) SUSE Linux Enterprise cluster-network-kmp-xen (affected versions not specified) openSUSE kernel-um (affected versions not specified) openSUSE uvcvideo-kmp-debug (affected versions not specified) SUSE Linux Enterprise ext4dev-kmp-ppc64 (affected versions not specified) openSUSE kernel-iseries64 (affected versions not specified) SUSE Linux Enterprise kernel-default-extra (affected versions not specified) openSUSE acerhk-kmp-debug (affected versions not specified) openSUSE kernel-sn2 (affected versions not specified) openSUSE kernel-s390 (affected versions not specified) openSUSE wlan-ng-kmp-debug (affected versions not specified) SUSE Linux Enterprise kernel-xen-base (affected versions not specified) SUSE Linux Enterprise kexec-tools-debuginfo (affected versions not specified) SUSE Linux Enterprise kernel-ppc64-debugsource (affected versions not specified) openSUSE kernel-xenpae-debuginfo (affected versions not specified) SUSE Linux Enterprise kernel-xen-extra (affected versions not specified) SUSE Linux Enterprise kernel-kdump-debugsource (affected versions not specified) openSUSE tpctl-kmp-debug (affected versions not specified) SUSE Linux Enterprise cluster-network-kmp-default (affected versions not specified) openSUSE gspcav-kmp-debug (affected versions not specified) openSUSE kernel-bigsmp (affected versions not specified) SUSE Linux Enterprise ocfs2-kmp-pae (affected versions not specified) openSUSE nouveau-kmp-debug (affected versions not specified) openSUSE kernel-bigsmp-debuginfo (affected versions not specified) SUSE Linux Enterprise kernel-ppc64-base (affected versions not specified) openSUSE at76 usb-kmp-debug (affected versions not specified) openSUSE atl2-kmp-debug (affected versions not specified)

Description The issue is related to multiple vulnerabilities in various kernel packages of SUSE Linux Enterprise and openSUSE operating systems. These vulnerabilities can be exploited remotely, potentially leading to a denial of service (memory corruption) and disruption of protected information availability. The console selection feature in the Linux kernel is also vulnerable when the UTF-8 console is used, allowing physically proximate attackers to cause a denial of service by selecting a small number of 3-byte UTF-8 characters.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.