PT-2021-2688 · Clamav+4

Published 2021-04-08 · Updated 2026-02-06 · CVE-2021-1252

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1

Description

A vulnerability in the Excel XLM macro parsing module could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The issue is due to improper error handling that may result in an infinite loop. An attacker could exploit this by sending a crafted Excel file to an affected device, potentially causing the ClamAV scanning process to hang.

Recommendations

For versions 0.103.0 and 0.103.1, consider disabling the Excel XLM macro parsing module until a patch is available to prevent exploitation. As a temporary workaround, restrict the handling of crafted Excel files to minimize the risk of denial of service conditions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

RCE

Infinite Loop


Weakness Enumeration

Related Identifiers

ALT-PU-2021-1627
ALT-PU-2021-1635
ALT-PU-2022-1152
BDU:2021-02219
CLEANSTART-2026-LA13761
CLEANSTART-2026-NJ87139
CLEANSTART-2026-TC95380
CLEANSTART-2026-WX01708
CVE-2021-1252
OPENSUSE-SU-2021:0555-1
OPENSUSE-SU-2021_0555-1
OPENSUSE-SU-2024:10685-1
SUSE-SU-2021:1174-1
SUSE-SU-2021:1189-1
SUSE-SU-2021:1190-1
SUSE-SU-2021:14692-1
SUSE-SU-2021_1174-1
SUSE-SU-2021_1189-1
SUSE-SU-2021_1190-1
SUSE-SU-2021_14692-1
USN-4918-1
USN-4918-2
USN-4918-3

Affected Products

Alt Linux
Clamav
Linuxmint
Suse
Ubuntu