Main Vulnerability Database Exploits ID:10062 - Exploit for Resource management errors in Linux kernel - CVE-2009-1046

ID:10062 - Exploit for Resource management errors in Linux kernel - CVE-2009-1046

Published: June 20, 2024

Vulnerability identifier: #VU92843

Vulnerability risk: Low

CVE-ID: CVE-2009-1046

CWE-ID: CWE-399

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://www.exploit-db.com/exploits/9083/

Vulnerability description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an 'off-by-two memory error.' NOTE: it is not clear whether this issue crosses privilege boundaries.

Remediation

Install update from vendor's repository.

ID:10062 - Exploit for Resource management errors in Linux kernel - CVE-2009-1046

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human