7.8
CVE-2009-4020
- EPSS 4.95%
- Veröffentlicht 04.12.2009 21:30:00
- Zuletzt bearbeitet 16.06.2026 23:12:50
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version2.6.32
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.95% | 0.911 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://support.avaya.com/css/P8/documents/100073666
https://rhn.redhat.com/errata/RHSA-2010-0046.html
https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://www.debian.org/security/2010/dsa-2005
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html
http://secunia.com/advisories/38276
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html
http://marc.info/?l=linux-mm-commits&m=125987755823047&w=2
http://secunia.com/advisories/39742
http://userweb.kernel.org/~akpm/mmotm/broken-out/hfs-fix-a-potential-buffer-overflow.patch
http://www.novell.com/linux/security/advisories/2010_23_kernel.html
http://www.openwall.com/lists/oss-security/2009/12/04/1
https://bugzilla.redhat.com/show_bug.cgi?id=540736
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10091
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6750