Contents x
Buffer Error Protection
  • 14 Sep 2023
  • 1 Minute to read
  • Print
  • Dark
    Light
  • PDF
Contents

Buffer Error Protection

  • Updated on 14 Sep 2023
  • 1 Minute to read
  • Print
  • Dark
    Light
  • PDF
Article summary

About this Article
This article provides information about how to enable inline protection for Buffer Errors.


Memory inline protection provides the ability to stop a Buffer Error (BE) attack prior to its execution at the Probe itself. Inline protection of binary applications ensures that the errant instruction does not jump to the desired destination address, thereby, completely stopping the BE attack.

Below are the steps to enable Inline Protection:

  1. During Step 2 (Add Process Info) of Create Application / Modify Application, when the selected Process Type is Binary and Buffer Error is selected in Vulnerability, VSP provides an option to enable inline protection
  2. There are two protection modes available: 
    1. Detect – Detect only; do not perform any inline protection action
    2. Protect – After detection; stop the process PRIOR to the execution of the errant command
  3. There are two protection actions available:
    1. Kill Process – The process is killed upon BE detection
    2. Restart Process (Linux ONLY) –The process is restarted upon BE detection


Was this article helpful?
What's Next