Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-0213

A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the TA service, which runs as root. This may also result in the disabling of event reporting to ePO, caused by failure to validate input from the file correctly.

Published

2024-01-09T14:15:46.763

Last Modified

2024-11-21T08:46:04.773

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.2 (HIGH)

Weaknesses

Type: Secondary
CWE-120
Type: Primary
CWE-120

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	trellix	agent	< 5.8.1	Yes
Application	trellix	agent	< 5.8.1	Yes

References

https://kcm.trellix.com/corporate/index?page=content&id=SB10416 Patch, Vendor Advisory ([email protected])
https://kcm.trellix.com/corporate/index?page=content&id=SB10416 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)