CVE-2022-20796 – ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20796
On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. El 4 de mayo de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en versiones 0.103.4, 0.103.5, 0.104.1 y 0.104.2 de Clam AntiVirus (ClamAV) podría permitir a un atacante local autenticado causar una condición de denegación de servicio en un dispositivo afectado. Para una descripción de esta vulnerabilidad, vea el blog de ClamAV • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56 https://security.gentoo.org/glsa/202310-01 https://tools.cisco.com/security/center/content/CiscoSecuri • CWE-476: NULL Pointer Dereference CWE-822: Untrusted Pointer Dereference •
CVE-2022-20785 – ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20785
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. El 20 de abril de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en el analizador de archivos HTML de Clam AntiVirus (ClamAV) versiones 0.104.0 a 0.104.2 y LTS versión 0.103.5 y anteriores, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio en un dispositivo afectado. Para una descripción de esta vulnerabilidad, vea el blog de ClamAV. • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56 https://security.gentoo.org/glsa/202310-01 https://tools.cisco.com/security/center/content/CiscoSecuri • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2022-20771 – ClamAV TIFF File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20771
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. El 20 de abril de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en el analizador de archivos TIFF de Clam AntiVirus (ClamAV) versiones 0.104.0 a 0.104.2 y LTS versión 0.103.5 y anteriores, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio en un dispositivo afectado. Para una descripción de esta vulnerabilidad, vea el blog de ClamAV. • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56 https://security.gentoo.org/glsa/202310-01 https://tools.cisco.com/security/center/content/CiscoSecuri • CWE-399: Resource Management Errors •
CVE-2022-20770 – ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20770
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. El 20 de abril de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en el analizador de archivos CHM de Clam AntiVirus (ClamAV) versiones 0.104.0 hasta 0.104.2 y LTS versión 0.103.5 y anteriores, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio en un dispositivo afectado. Para una descripción de esta vulnerabilidad, vea el blog de ClamAV. • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56 https://security.gentoo.org/glsa/202310-01 https://tools.cisco.com/security/center/content/CiscoSecuri • CWE-399: Resource Management Errors •
CVE-2022-20698 – Clam AntiVirus (ClamAV) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20698
A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition. Una vulnerabilidad en el módulo de análisis de OOXML en el software Clam AntiVirus (ClamAV) versión 0.104.1 y LTS versiones 0.103.4 y anteriores, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio en un dispositivo afectado. • https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html https://security.gentoo.org/glsa/202310-01 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •