PT-2023-1388 · Clamav+5 · Clamav+5

Simon Scannell

Published

2023-02-15

Updated

2024-06-15

CVE-2023-20032

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ClamAV versions 1.0.0 and earlier ClamAV versions 0.105.1 and earlier ClamAV versions 0.103.7 and earlier

Description The issue is related to a missing buffer size check in the HFS+ partition file parser of ClamAV, which may result in a heap buffer overflow write. An attacker could exploit this by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process or crash the process, resulting in a denial of service condition.

Recommendations For ClamAV versions 1.0.0 and earlier, update to version 1.0.1 or later. For ClamAV versions 0.105.1 and earlier, update to version 0.105.3 or later. For ClamAV versions 0.103.7 and earlier, update to version 0.103.8 or later. As a temporary workaround, consider restricting access to the HFS+ partition file parser until a patch is available.

Exploit

Fix

DoS

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787CWE-120

Related Identifiers

ALT-PU-2023-1400

ALT-PU-2023-1436

ALT-PU-2023-1459

ALT-PU-2023-1474

AZL-13724

BDU:2023-00757

CVE-2023-20032

DLA-3328-1

MGASA-2023-0068

OESA-2023-1169

OPENSUSE-SU-2024:12696-1

SUSE-SU-2023:0453-1

SUSE-SU-2023:0470-1

SUSE-SU-2023:0471-1

USN-5887-1

Affected Products

Alt Linux

Clamav

Linuxmint

Red Os

Suse

Ubuntu

PT-2023-1388 · Clamav+5 · Clamav+5

CVE-2023-20032

Weakness Enumeration

Related Identifiers

Affected Products

References · 44