CVE-2021-25224

Name of the Vulnerable Software and Affected Versions: Trend Micro ServerProtect for Linux version 3.0

Description: A memory exhaustion issue could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a manual scan component. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this issue.

Recommendations: For Trend Micro ServerProtect for Linux version 3.0, consider restricting access to the manual scan component as a temporary workaround until a patch is available. Additionally, ensure that low-privileged code execution on the target system is properly secured to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.