PT-2021-2687 · Clamav+4 · Clamav+4

Published

2021-04-08

Updated

2026-02-06

CVE-2021-1404

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions ClamAV versions 0.103.0 and 0.103.1 ClamAV versions prior to 0.103.2

Description The issue exists due to insufficient input validation in the PDF parsing module of ClamAV, allowing a remote attacker to cause a denial of service condition. This can be achieved by sending a crafted PDF file to an affected device, potentially causing the ClamAV scanning process to crash. The vulnerability is also due to improper buffer size tracking, which may result in a heap buffer over-read.

Recommendations For ClamAV versions 0.103.0 and 0.103.1, update to a version that includes the fix for this issue. For ClamAV versions prior to 0.103.2, update to version 0.103.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the PDF parsing module until a patch is available.

Fix

DoS

Out of bounds Read

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-20

Related Identifiers

ALT-PU-2021-1627

ALT-PU-2021-1635

ALT-PU-2022-1152

BDU:2021-02218

CLEANSTART-2026-LA13761

CLEANSTART-2026-NJ87139

CLEANSTART-2026-TC95380

CLEANSTART-2026-WX01708

CVE-2021-1404

OPENSUSE-SU-2021:0555-1

OPENSUSE-SU-2021_0555-1

OPENSUSE-SU-2024:10685-1

SUSE-SU-2021:1174-1

SUSE-SU-2021:1189-1

SUSE-SU-2021:1190-1

SUSE-SU-2021:14692-1

SUSE-SU-2021_14692-1

USN-4918-1

USN-4918-2

USN-4918-3

Affected Products

Alt Linux

Clamav

Linuxmint

Suse

Ubuntu

PT-2021-2687 · Clamav+4 · Clamav+4

CVE-2021-1404

Weakness Enumeration

Related Identifiers

Affected Products

References · 175