CVE-2022-20796
ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: April 2022
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.
El 4 de mayo de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en versiones 0.103.4, 0.103.5, 0.104.1 y 0.104.2 de Clam AntiVirus (ClamAV) podría permitir a un atacante local autenticado causar una condición de denegación de servicio en un dispositivo afectado. Para una descripción de esta vulnerabilidad, vea el blog de ClamAV
Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. Michał Dardas discovered that ClamAV incorrectly handled parsing HTML files. A remote attacker could possibly use this issue to cause ClamAV to consume resources, resulting in a denial of service.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2021-11-02 CVE Reserved
- 2022-05-04 CVE Published
- 2024-11-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
- CWE-822: Untrusted Pointer Dereference
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Clamav Search vendor "Clamav" | Clamav Search vendor "Clamav" for product "Clamav" | 0.103.4 Search vendor "Clamav" for product "Clamav" and version "0.103.4" | - |
Affected
| ||||||
| Clamav Search vendor "Clamav" | Clamav Search vendor "Clamav" for product "Clamav" | 0.103.5 Search vendor "Clamav" for product "Clamav" and version "0.103.5" | - |
Affected
| ||||||
| Clamav Search vendor "Clamav" | Clamav Search vendor "Clamav" for product "Clamav" | 0.104.1 Search vendor "Clamav" for product "Clamav" and version "0.104.1" | - |
Affected
| ||||||
| Clamav Search vendor "Clamav" | Clamav Search vendor "Clamav" for product "Clamav" | 0.104.2 Search vendor "Clamav" for product "Clamav" and version "0.104.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Endpoint Search vendor "Cisco" for product "Secure Endpoint" | < 1.16.3 Search vendor "Cisco" for product "Secure Endpoint" and version " < 1.16.3" | macos |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Endpoint Search vendor "Cisco" for product "Secure Endpoint" | < 1.17.2 Search vendor "Cisco" for product "Secure Endpoint" and version " < 1.17.2" | linux |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Endpoint Search vendor "Cisco" for product "Secure Endpoint" | < 7.5.5 Search vendor "Cisco" for product "Secure Endpoint" and version " < 7.5.5" | windows |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Endpoint Search vendor "Cisco" for product "Secure Endpoint" | >= 1.18.0 < 1.18.2 Search vendor "Cisco" for product "Secure Endpoint" and version " >= 1.18.0 < 1.18.2" | linux |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Endpoint Search vendor "Cisco" for product "Secure Endpoint" | >= 1.18.0 < 1.18.2 Search vendor "Cisco" for product "Secure Endpoint" and version " >= 1.18.0 < 1.18.2" | macos |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 34 Search vendor "Fedoraproject" for product "Fedora" and version "34" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 35 Search vendor "Fedoraproject" for product "Fedora" and version "35" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 36 Search vendor "Fedoraproject" for product "Fedora" and version "36" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||