CVE-2009-4020

Priority
Medium
Description
Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32
allows remote attackers to have an unspecified impact via a crafted
Hierarchical File System (HFS) filesystem, related to the hfs_readdir
function in fs/hfs/dir.c.
Ubuntu-Description
Amerigo Wang discovered that the HFS filesystem did not correctly validate
disk structures. If a user were tricked into mounting a specially crafted
HFS filesystem, a remote attacker could crash the system or gain root
privileges.
References
Assigned-to
ogasawara
Package
Upstream: needs-triage
Ubuntu 8.04 LTS (Hardy Heron): DNE
Ubuntu 10.04 LTS (Lucid Lynx): DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream: released (2.6.33)
Ubuntu 8.04 LTS (Hardy Heron): released (2.6.24-27.65)
Ubuntu 10.04 LTS (Lucid Lynx): not-affected
Patches:
Upstream: ec81aecb29668ad71f699f4e7b96ec46691895b6

Updated: 2012-06-01 15:20:23 UTC (commit 5347)