CVE-2009-4020

Name of the Vulnerable Software and Affected Versions openSUSE kernel-ps3-debuginfo (affected versions not specified) openSUSE kernel-ps3-debugsource (affected versions not specified) Linux kernel version 2.6.32

Description The issue involves multiple vulnerabilities in the kernel-ps3-debuginfo and kernel-ps3-debugsource packages of the openSUSE operating system, as well as a stack-based buffer overflow in the hfs subsystem of the Linux kernel. These vulnerabilities can be exploited remotely and may lead to a disruption of confidentiality, integrity, and availability of protected information. The buffer overflow is related to the hfs readdir function in fs/hfs/dir.c and can be triggered by a crafted Hierarchical File System (HFS) filesystem.

Recommendations For openSUSE kernel-ps3-debuginfo, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For openSUSE kernel-ps3-debugsource, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Linux kernel version 2.6.32, consider upgrading to a newer version to address the stack-based buffer overflow in the hfs subsystem. As a temporary workaround, consider restricting access to HFS filesystems to minimize the risk of exploitation.