CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15293 – Memory corruption in Bitdefender Hypervisor Introspection (VA-9336)
https://notcve.org/view.php?id=CVE-2020-15293
17 Dec 2020 — Memory corruption in IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, IntLixFileReadDentry and IntLixFileGetPath due to insufficient guest-data input validation may lead to denial of service conditions. Una corrupción de la memoria en IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, IntLixFileReadDentry e IntLixFileGetPath, debido a una comprobación insuficiente de entrada de datos del invitado puede conllevar a unas condiciones de denegación de servicio • https://www.bitdefender.com/support/security-advisories/memory-corruption-bitdefender-hypervisor-introspection-va-9336 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15294 – Compiler Optimization Removal or Modification of Security-Critical Code vulnerability in Bitdefender Hypervisor Introspection (VA-9339)
https://notcve.org/view.php?id=CVE-2020-15294
17 Dec 2020 — Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences to the same pointer. If the pointer is located in memory-mapped from the guest space, this may cause a race-condition where the generated code would dereference the same address twice, thus obtaining different values, which may lead to arbitrary code execution. This issue affects: Bitdefender Hypervisor Introspection versions prior to 1.132.2. Una vulnerabilidad de... • https://www.bitdefender.com/support/security-advisories/compiler-optimization-removal-modification-security-critical-code-vulnerability-bitdefender-hypervisor-introspection-va-9339 • CWE-733: Compiler Optimization Removal or Modification of Security-critical Code •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15292 – Lack of validation on data read from guest memory in Bitdefender HVI (VA-9333)
https://notcve.org/view.php?id=CVE-2020-15292
17 Dec 2020 — Lack of validation on data read from guest memory in IntPeGetDirectory, IntPeParseUnwindData, IntLogExceptionRecord, IntKsymExpandSymbol and IntLixTaskDumpTree may lead to out-of-bounds read or it could cause DoS due to integer-overflor (IntPeGetDirectory), TOCTOU (IntPeParseUnwindData) or insufficient validations. Una falta de comprobación en los datos leídos desde la memoria del invitado en IntPeGetDirectory, IntPeParseUnwindData, IntLogExceptionRecord, IntKsymExpandSymbol e IntLixTaskDumpTree, puede conl... • https://www.bitdefender.com/support/security-advisories/lack-validation-data-read-guest-memory-bitdefender-hvi-va-9333 • CWE-20: Improper Input Validation •