CVE-2019-17652

Name of the Vulnerable Software and Affected Versions FortiClient for Linux versions 6.2.1 and below

Description A stack buffer overflow issue may allow a user with low privilege to cause FortiClient processes running under root privilege to crash via sending specially crafted "StartAvCustomScan" type IPC client requests to the fctsched process due to the argv data not being well sanitized. This is related to the handling of the argv array. The issue can be exploited by sending specially crafted IPC requests, potentially leading to a denial of service.

Recommendations For FortiClient for Linux versions 6.2.1 and below, consider disabling the StartAvCustomScan type IPC client requests to the fctsched process as a temporary workaround until a patch is available. Restrict access to the fctsched process to minimize the risk of exploitation. Avoid using the argv data in the affected IPC requests until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.