Avast Virtualization alization aswSnx. sys Buffer Overflow Vulnerability (CVE-2015-8620)

Avast Virtualization alization aswSnx. sys Buffer Overflow Vulnerability (CVE-2015-8620)
Avast Virtualization alization aswSnx. sys Buffer Overflow Vulnerability (CVE-2015-8620)

Release date:
Updated on:

Affected Systems:

Avast InternetSecurity <= v11.1.2245
Avast ProAntivirus <= v11.1.2245
Avast Premier <=  v11.1.2245
Avast Free Antivirus <= v11.1.2245

Description:

CVE (CAN) ID: CVE-2015-8620

AswSnx. sys processes the 'sandbox' and 'demoscreen 'functions of all Avast Windows products.

The Avast Virtualization alization Driver (aswSnx. sys) v11.1.2245 and earlier versions have the permission Escalation Vulnerability. After successful exploitation, local attackers can execute arbitrary code with the system permission to completely control the affected hosts. This vulnerability is caused by aswSnx. sys does not verify the absolute path length of some Unicode files requested by IOCTL in the user space. After copying to a fixed-size paging pool memory, the related kernel paging pool allocated data block overflow is triggered, destroys neighboring kernel objects.

<* Source: Nettitude
*>

Suggestion:

Vendor patch:

Avast
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Https://www.avast.com/internet-security

Refer:
Https://www.nettitude.co.uk/exploiting-a-kernel-paged-pool-buffer-overflow-in-avast-virtualization-driver? Platform = hootsuite

This article permanently updates the link address: