CVE-2022-20796: ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: April 2022
First published: Wed May 04 2022(Updated: )
On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Clamav Clamav | =0.103.4 | |
| Clamav Clamav | =0.103.5 | |
| Clamav Clamav | =0.104.1 | |
| Clamav Clamav | =0.104.2 | |
| Cisco Secure Endpoint | <1.16.3 | |
| Cisco Secure Endpoint | <1.17.2 | |
| Cisco Secure Endpoint | <7.5.5 | |
| Cisco Secure Endpoint | >=1.18.0<1.18.2 | |
| Cisco Secure Endpoint | >=1.18.0<1.18.2 | |
| Fedoraproject Fedora | =34 | |
| Fedoraproject Fedora | =35 | |
| Fedoraproject Fedora | =36 | |
| Debian Debian Linux | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/
- https://security.gentoo.org/glsa/202310-01
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-vL9x58p4
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-20796.
Which software versions are affected by this vulnerability?
The ClamAV scanning library versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 are affected by this vulnerability.
What is the severity of CVE-2022-20796?
The severity of CVE-2022-20796 is medium with a severity value of 5.5.
How can an attacker exploit this vulnerability?
An authenticated, local attacker can exploit this vulnerability to cause a denial of service.
Is there a fix available for this vulnerability?
Yes, patches and updates are available to fix this vulnerability. Please refer to the vendor's advisory for more information.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/title
- agent/severity
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/clamav
- canonical/clamav clamav
- version/clamav clamav/0.103.4
- version/clamav clamav/0.103.5
- version/clamav clamav/0.104.1
- version/clamav clamav/0.104.2
- vendor/cisco
- canonical/cisco secure endpoint
- version/cisco secure endpoint/1.18.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/34
- version/fedoraproject fedora/35
- version/fedoraproject fedora/36
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0