Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2009-4020
Modified
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-04 Dec, 2009 | 21:30
Updated At-13 Feb, 2023 | 02:20

Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.32
cpe:2.3:o:linux:linux_kernel:2.6.32:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2010-02-04T00:00:00

This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise MRG as the affected driver is not enabled in this kernel. It was addressed in Red Hat Enterprise Linux 4 and 5 via https://rhn.redhat.com/errata/RHSA-2010-0076.html and https://rhn.redhat.com/errata/RHSA-2010-0046.html respectively. Red Hat Enterprise Linux 3 is now in Production 3 of the maintenance life-cycle, http://www.redhat.com/security/updates/errata, and this issue is rated as having low impact, therefore the fix for this issue is not currently planned to be included in the future updates.

References
HyperlinkSourceResource
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.htmlsecalert@redhat.com
N/A
http://marc.info/?l=linux-mm-commits&m=125987755823047&w=2secalert@redhat.com
N/A
http://secunia.com/advisories/38276secalert@redhat.com
N/A
http://secunia.com/advisories/39742secalert@redhat.com
N/A
http://support.avaya.com/css/P8/documents/100073666secalert@redhat.com
N/A
http://userweb.kernel.org/~akpm/mmotm/broken-out/hfs-fix-a-potential-buffer-overflow.patchsecalert@redhat.com
Patch
http://www.debian.org/security/2010/dsa-2005secalert@redhat.com
N/A
http://www.novell.com/linux/security/advisories/2010_23_kernel.htmlsecalert@redhat.com
N/A
http://www.openwall.com/lists/oss-security/2009/12/04/1secalert@redhat.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=540736secalert@redhat.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10091secalert@redhat.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6750secalert@redhat.com
N/A
https://rhn.redhat.com/errata/RHSA-2010-0046.htmlsecalert@redhat.com
N/A
https://rhn.redhat.com/errata/RHSA-2010-0095.htmlsecalert@redhat.com
N/A
Change History
0Changes found
Details not found