Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences to the same pointer. If the pointer is located in memory-mapped from the guest space, this may cause a race-condition where the generated code would dereference the same address twice, thus obtaining different values, which may lead to arbitrary code execution. This issue affects: Bitdefender Hypervisor Introspection versions prior to 1.132.2.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HBitdefender Hypervisor Introspection
APPBitdefender< 1.132.2
Related vulnerabilities
Lack of validation on data read from guest memory in IntPeGetDirectory, IntPeParseUnwindData, IntLogExceptionR...
Memory corruption in IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, IntLixFileReadDentry and IntLixFileGetPath ...
Stored XSS w Psono Client / Bitdefender SecurePass via zΕoΕliwe URL w magazynie haseΕ
Niebezpieczna deserializacja PHP w Bitdefender GravityZone Console (RCE)
Command injection w Bitdefender Box 1 β nieuwierzytelniony RCE