PT-2021-2686 · Clamav+5

Published: 2021-04-08 · Updated: 2026-02-06 · CVE-2021-1405

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Clam AntiVirus (ClamAV) Software versions 0.103.1 and all prior versions
Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1

Description

A vulnerability in the email parsing module and PDF parsing module in Clam AntiVirus (ClamAV) Software could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization and buffer size tracking that may result in a NULL pointer read or heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted email or PDF file to an affected device, allowing the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.

Recommendations

For Clam AntiVirus (ClamAV) Software versions 0.103.1 and all prior versions, update to a version that fixes the improper variable initialization issue. For Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1, update to a version that fixes the improper buffer size tracking issue. As a temporary workaround, consider restricting the input to the email and PDF parsing modules to minimize the risk of exploitation.

Fix

DoS

RCE

Buffer Overflow

Weakness Enumeration

Related Identifiers

ALT-PU-2021-1627
ALT-PU-2021-1635
ALT-PU-2022-1152
BDU:2021-02217
CLEANSTART-2026-LA13761
CLEANSTART-2026-NJ87139
CLEANSTART-2026-TC95380
CLEANSTART-2026-WX01708
CVE-2021-1405
DLA-2626-1
MGASA-2021-0194
OPENSUSE-SU-2021:0555-1
OPENSUSE-SU-2021_0555-1
OPENSUSE-SU-2024:10685-1
SUSE-SU-2021:1174-1
SUSE-SU-2021:1189-1
SUSE-SU-2021:1190-1
SUSE-SU-2021:14692-1
SUSE-SU-2021_14692-1
USN-4918-1
USN-4918-2
USN-4918-3

Affected Products

Alt Linux
Clam Antivirus
Clamav
Linuxmint
Suse
Ubuntu