Privilege Escalation Vulnerability in Kaspersky Anti-Virus for Linux File Server

Privilege Escalation Vulnerability in Kaspersky Anti-Virus for Linux File Server

CVE-2017-9811 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate the privileges to root.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.