JVNVU#97704455
ServerProtect for Linux vulnerable to heap-based buffer overflow
Overview
ServerProtect for Linux provided by Trend Micro Incorporated contains a heap-based buffer overflow vulnerability.
Products Affected
- ServerProtect for Linux Version 3.0
Description
Kernel Hook Module for ServerProtect for Linux provided by Trend Micro Incorporated contains a heap-based buffer overflow vulnerability (CWE-122).
Impact
An attacker who can execute high-privileged code may escalate privileges.
Solution
Update the software
Update Kernel Hook Module to the latest version according to the information provided by the developer.
The developer has released the version listed below that contains a fix for this vulnerability.
- KHM 3.0.1.0022
The developer also recommends that users should update the Kernel Hook Module to the version above KHM 3.0.1.0022 if available.
Apply workaroundApplying the following workaround may mitigate the impacts of this vulnerability.
- Restrict physical and remote access to the sever where the product is running to trusted users only
Vendor Status
| Vendor | Link |
| Trend Micro Incorporated | SECURITY BULLETIN: Trend Micro ServerProtect for Linux Heap-based Buffer Overflow Privilege Escalation Vulnerability |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
| Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
|---|---|---|---|---|
| Attack Complexity(AC) | High (H) | Low (L) | ||
| Privileges Required(PR) | High (H) | Low (L) | None (N) | |
| User Interaction(UI) | Required (R) | None (N) | ||
| Scope(S) | Unchanged (U) | Changed (C) | ||
| Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
| Integrity Impact(I) | None (N) | Low (L) | High (H) | |
| Availability Impact(A) | None (N) | Low (L) | High (H) |
Credit
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2020-28575 |
| JVN iPedia |
|