FSC-2020-3
Multiple Buffer Overflow Vulnerabilities in F-Secure Linux Security
More information
A vulnerability was discovered in F-Secure Linux Security whereby the FSAVD component used in certain F-Secure products allows multiple buffer overflows if the input is larger than the destination. The exploit can be triggered locally by an attacker. A successful attack can lead to local privilege escalation.
This issue was reported to F-Secure through the Vulnerability Reward Program. No known exploit or attack has been seen in the wild.
Contributors
F-Secure Corporation would like to thank Gustav Larsson (https://gustavlarsson.fi) for bringing this issue to our attention.