Back

Memory corruption in Bitdefender Hypervisor Introspection (VA-9336)

Publication date: December 17th, 2020

CVE ID:

CVE-2020-15293

CVSS scrore:

6.1 - https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Affected vendors:

Bitdefender

Affected products:

Bidefender Hypervisor Introspection

Vulnerability details:

Memory corruption in IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, IntLixFileReadDentry and IntLixFileGetPath due to insufficient guest-data input validation may lead to denial of service conditions.

Additional details:

The issue has been fixed in Introcore 1.132.2.

Credit:

Ilja Van Sprundel from IOActive