Bug 55188 - clamav: Multiple issues (5.0)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
Version: UCS 5.0
Hardware: All Linux
Importance: P3 normal
Target Milestone: UCS 5.0-2-errata
Assigned To: Quality Assurance
QA Contact: Philipp Hahn
Reported: 2022-09-11 18:40 CEST by Quality Assurance
Modified: 2022-09-13 17:50 CEST (History)
What kind of report is it?: Security Issue
Max CVSS v3 score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) NVD


Description Quality Assurance univentionstaff 2022-09-11 18:40:08 CEST
New Debian clamav 0.103.6+dfsg-0+deb10u1A~5.0.2.202209111835 fixes:
This update addresses the following issues:
* On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. (CVE-2022-20770)
* On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. (CVE-2022-20771)
* On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. (CVE-2022-20785)
* A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user. (CVE-2022-20792)
* On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. (CVE-2022-20796)
Comment 1 Quality Assurance univentionstaff 2022-09-12 09:04:26 CEST
--- mirror/ftp/pool/main/c/clamav/clamav_0.103.5+dfsg-0+deb10u1A~5.0.1.202203271459.dsc
+++ apt/ucs_5.0-0-errata5.0-2/source/clamav_0.103.6+dfsg-0+deb10u1A~5.0.0.202209120853.dsc
@@ -1,7 +1,22 @@
-0.103.5+dfsg-0+deb10u1A~5.0.1.202203271459 [Mon, 28 Mar 2022 08:44:25 +0200] Univention builddaemon <buildd@univention.de>:
+0.103.6+dfsg-0+deb10u1A~5.0.0.202209120853 [Mon, 12 Sep 2022 08:53:34 +0200] Univention builddaemon <buildd@univention.de>:
 
   * UCS auto build. The following patches have been applied to the original source package
     030-silence-version-msg
+
+0.103.6+dfsg-0+deb10u1 [Thu, 26 May 2022 10:19:13 +0200] Sebastian Andrzej Siewior <sebastian@breakpoint.cc>:
+
+  * Import 0.103.6
+    - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file
+      parser).
+    - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan
+      verdict cache check).
+    - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file
+      parser).
+    - CVE-2022-20785 (Possible memory leak in the HTML file parser/
+      Javascript normalizer).
+    - CVE-2022-20792 (Possible multi-byte heap buffer overflow write
+      vulnerability in the signature database load module.
+    - Update symbol file.
 
 0.103.5+dfsg-0+deb10u1 [Thu, 13 Jan 2022 21:51:03 +0100] Sebastian Andrzej Siewior <sebastian@breakpoint.cc>:
 
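Review bot: The CVE-2022-20792 item in the imported 0.103.6+dfsg-0+deb10u1 entry opens a parenthesis at "(Possible multi-byte heap buffer overflow write" that is never closed; the line ends "load module." where the four CVE items above it end with ")." If this text is carried into the errata description, close it as "load module)." The changelog lines are also more specific about impact than the generic denial-of-service wording in the bug description (infinite loops for CVE-2022-20770 and CVE-2022-20771, a memory leak for CVE-2022-20785, a NULL-pointer dereference for CVE-2022-20796), so doc/errata/staging/clamav.yaml would read more precisely if it used those characterizations.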

<http://piuparts.knut.univention.de/5.0-2/#1721682631646228144>
Comment 2 Philipp Hahn univentionstaff 2022-09-13 11:34:38 CEST
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[5.0-2] 110b7482f2 Bug #55188: clamav 0.103.6+dfsg-0+deb10u1A~5.0.0.202209120853
 doc/errata/staging/clamav.yaml | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)