ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar (Tape Archive) files sent to an affected device. A successful exploit could cause a checksum buffer over-read condition when ClamAV scans the malicious .tar file, potentially allowing the attacker to cause a DoS condition on the affected device.
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "clamav", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "clamav-base", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "clamav-daemon", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "clamav-daemon-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "clamav-dbg", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "clamav-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "clamav-docs", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "clamav-freshclam", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "clamav-freshclam-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "clamav-milter", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "clamav-milter-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "clamav-testfiles", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "libclamav-dev", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "libclamav-dev-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "libclamav7", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" }, { "binary_name": "libclamav7-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.14.04.1" } ] }
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "clamav", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamav-base", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamav-daemon", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamav-daemon-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamav-dbg", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamav-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamav-docs", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamav-freshclam", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamav-freshclam-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamav-milter", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamav-milter-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamav-testfiles", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamdscan", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "clamdscan-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "libclamav-dev", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "libclamav-dev-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "libclamav7", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" }, { "binary_name": "libclamav7-dbgsym", "binary_version": "0.99.3+addedllvm-0ubuntu0.16.04.1" } ] }