Unrated severityNVD Advisory· Published Dec 4, 2009· Updated Apr 23, 2026

CVE-2009-4020

Description

Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:2.6.32:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

userweb.kernel.org/~akpm/mmotm/broken-out/hfs-fix-a-potential-buffer-overflow.patchnvdPatch
lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.htmlnvd
lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.htmlnvd
marc.infonvd
secunia.com/advisories/38276nvd
secunia.com/advisories/39742nvd
support.avaya.com/css/P8/documents/100073666nvd
www.debian.org/security/2010/dsa-2005nvd
www.novell.com/linux/security/advisories/2010_23_kernel.htmlnvd
www.openwall.com/lists/oss-security/2009/12/04/1nvd
bugzilla.redhat.com/show_bug.cginvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10091nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6750nvd
rhn.redhat.com/errata/RHSA-2010-0046.htmlnvd
rhn.redhat.com/errata/RHSA-2010-0095.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000