VYPR
Unrated severityNVD Advisory· Published Mar 23, 2009· Updated Jun 16, 2026

CVE-2009-1046

CVE-2009-1046

Description

The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an "off-by-two memory error." NOTE: it is not clear whether this issue crosses privilege boundaries.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Linux/Kernel6 versions
    cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.28:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.28.1:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.28.2:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.28.3:*:*:*:*:*:*:*
    • (no CPE)range: <2.6.28.4, <=2.6.25

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.