ID

VAR-202205-0220


CVE

CVE-2022-20785


TITLE

ClamAV  Vulnerability regarding lack of memory release after expiration in

Trust: 0.8

sources: JVNDB: JVNDB-2022-010292

DESCRIPTION

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. ClamAV Contains a vulnerability regarding the lack of free memory after expiration.Service operation interruption (DoS) It may be in a state. Clam AntiVirus is an open source antivirus engine for detecting Trojans, viruses, malware and other malicious threats. ========================================================================== Ubuntu Security Notice USN-5423-2 May 17, 2022 clamav vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: Several security issues were fixed in ClamAV. Software Description: - clamav: Anti-virus utility for Unix Details: USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20770) Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20771) Michał Dardas discovered that ClamAV incorrectly handled parsing HTML files. A remote attacker could possibly use this issue to cause ClamAV to consume resources, resulting in a denial of service. (CVE-2022-20785) Michał Dardas discovered that ClamAV incorrectly handled loading the signature database. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-20792) Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly handled the scan verdict cache check. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.(CVE-2022-20796) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: clamav 0.103.6+dfsg-0ubuntu0.16.04.1+esm1 Ubuntu 14.04 ESM: clamav 0.103.6+dfsg-0ubuntu0.14.04.1+esm1 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5423-2 https://ubuntu.com/security/notices/USN-5423-1 CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792, CVE-2022-20796 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202310-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: ClamAV: Multiple Vulnerabilities Date: October 01, 2023 Bugs: #831083, #842813, #894672 ID: 202310-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution. Background ========== ClamAV is a GPL virus scanner. Affected packages ================= Package Vulnerable Unaffected -------------------- ------------ ------------ app-antivirus/clamav < 0.103.7 >= 0.103.7 Description =========== Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All ClamAV users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.103.7" References ========== [ 1 ] CVE-2022-20698 https://nvd.nist.gov/vuln/detail/CVE-2022-20698 [ 2 ] CVE-2022-20770 https://nvd.nist.gov/vuln/detail/CVE-2022-20770 [ 3 ] CVE-2022-20771 https://nvd.nist.gov/vuln/detail/CVE-2022-20771 [ 4 ] CVE-2022-20785 https://nvd.nist.gov/vuln/detail/CVE-2022-20785 [ 5 ] CVE-2022-20792 https://nvd.nist.gov/vuln/detail/CVE-2022-20792 [ 6 ] CVE-2022-20796 https://nvd.nist.gov/vuln/detail/CVE-2022-20796 [ 7 ] CVE-2022-20803 https://nvd.nist.gov/vuln/detail/CVE-2022-20803 [ 8 ] CVE-2023-20032 https://nvd.nist.gov/vuln/detail/CVE-2023-20032 [ 9 ] CVE-2023-20052 https://nvd.nist.gov/vuln/detail/CVE-2023-20052 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202310-01 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

Trust: 2.07

sources: NVD: CVE-2022-20785 // JVNDB: JVNDB-2022-010292 // VULHUB: VHN-405338 // VULMON: CVE-2022-20785 // PACKETSTORM: 167211 // PACKETSTORM: 167199 // PACKETSTORM: 174873

AFFECTED PRODUCTS

vendor:fedoraprojectmodel:fedorascope:eqversion:34

Trust: 1.0

vendor:clamavmodel:clamavscope:ltversion:0.103.5

Trust: 1.0

vendor:ciscomodel:secure endpointscope:gteversion:1.18.0

Trust: 1.0

vendor:ciscomodel:secure endpointscope:ltversion:1.18.2

Trust: 1.0

vendor:ciscomodel:secure endpointscope:ltversion:1.16.3

Trust: 1.0

vendor:ciscomodel:secure endpointscope:ltversion:7.5.5

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:36

Trust: 1.0

vendor:clamavmodel:clamavscope:gteversion:0.104.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:35

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:clamavmodel:clamavscope:ltversion:0.104.2

Trust: 1.0

vendor:ciscomodel:secure endpointscope:ltversion:1.17.2

Trust: 1.0

vendor:clamavmodel:clamavscope:lteversion:0.103.5

Trust: 1.0

vendor:シスコシステムズmodel:cisco secure endpointscope: - version: -

Trust: 0.8

vendor:clamavmodel:clamavscope: - version: -

Trust: 0.8

vendor:fedoramodel:fedorascope: - version: -

Trust: 0.8

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-010292 // NVD: CVE-2022-20785

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20785
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20785
value: HIGH

Trust: 1.0

NVD: CVE-2022-20785
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202205-2063
value: HIGH

Trust: 0.6

VULHUB: VHN-405338
value: HIGH

Trust: 0.1

VULMON: CVE-2022-20785
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2022-20785
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-405338
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-20785
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2022-20785
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-405338 // VULMON: CVE-2022-20785 // JVNDB: JVNDB-2022-010292 // CNNVD: CNNVD-202205-2063 // NVD: CVE-2022-20785 // NVD: CVE-2022-20785

PROBLEMTYPE DATA

problemtype:CWE-401

Trust: 1.1

problemtype:Lack of memory release after expiration (CWE-401) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-405338 // JVNDB: JVNDB-2022-010292 // NVD: CVE-2022-20785

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 167211 // PACKETSTORM: 167199 // PACKETSTORM: 174873 // CNNVD: CNNVD-202205-2063

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202205-2063

PATCH

title:FEDORA-2022-0ac71a8f3a Cisco Systems Cisco Security Advisoryurl:https://www.clamav.net/

Trust: 0.8

title:ClamAV Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=191377

Trust: 0.6

title:Cisco: ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cisco Products: May 2022url:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-clamav-html-XAuOK8mR

Trust: 0.1

title:Red Hat: url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2022-20785

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2022-20785

Trust: 0.1

title:Ubuntu Security Notice: USN-5423-1: ClamAV vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5423-1

Trust: 0.1

title:Ubuntu Security Notice: USN-5423-2: ClamAV vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5423-2

Trust: 0.1

title:Amazon Linux AMI: ALAS-2022-1621url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1621

Trust: 0.1

title:Amazon Linux 2022: ALAS2022-2022-090url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-090

Trust: 0.1

title:Amazon Linux 2022: ALAS-2022-229url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS-2022-229

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-23305

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-RCE

Trust: 0.1

sources: VULMON: CVE-2022-20785 // JVNDB: JVNDB-2022-010292 // CNNVD: CNNVD-202205-2063

EXTERNAL IDS

db:NVDid:CVE-2022-20785

Trust: 3.7

db:PACKETSTORMid:167211

Trust: 0.8

db:PACKETSTORMid:167199

Trust: 0.8

db:JVNDBid:JVNDB-2022-010292

Trust: 0.8

db:AUSCERTid:ESB-2022.2431

Trust: 0.6

db:AUSCERTid:ESB-2022.2362

Trust: 0.6

db:AUSCERTid:ESB-2022.2784

Trust: 0.6

db:CS-HELPid:SB2022051836

Trust: 0.6

db:CS-HELPid:SB2022051732

Trust: 0.6

db:CS-HELPid:SB2022050437

Trust: 0.6

db:CNNVDid:CNNVD-202205-2063

Trust: 0.6

db:CNVDid:CNVD-2022-64260

Trust: 0.1

db:VULHUBid:VHN-405338

Trust: 0.1

db:VULMONid:CVE-2022-20785

Trust: 0.1

db:PACKETSTORMid:174873

Trust: 0.1

sources: VULHUB: VHN-405338 // VULMON: CVE-2022-20785 // JVNDB: JVNDB-2022-010292 // PACKETSTORM: 167211 // PACKETSTORM: 167199 // PACKETSTORM: 174873 // CNNVD: CNNVD-202205-2063 // NVD: CVE-2022-20785

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-clamav-html-xauok8mr

Trust: 2.5

url:https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html

Trust: 1.8

url:https://security.gentoo.org/glsa/202310-01

Trust: 1.2

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7rv6bliatije74sq6ng5zc4jk5mmdq2r/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/n4nnbijvg6z4pdikuzxtyxicyuayaz56/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bx5zxnhp4nfyq5bfsky3wt7ntbzuyg7l/

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-20785

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/n4nnbijvg6z4pdikuzxtyxicyuayaz56/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bx5zxnhp4nfyq5bfsky3wt7ntbzuyg7l/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7rv6bliatije74sq6ng5zc4jk5mmdq2r/

Trust: 0.7

url:https://www.cybersecurity-help.cz/vdb/sb2022050437

Trust: 0.6

url:https://vigilance.fr/vulnerability/clamav-multiple-vulnerabilities-38245

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022051836

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-20785/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2362

Trust: 0.6

url:https://packetstormsecurity.com/files/167199/ubuntu-security-notice-usn-5423-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2431

Trust: 0.6

url:https://packetstormsecurity.com/files/167211/ubuntu-security-notice-usn-5423-2.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2784

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022051732

Trust: 0.6

url:https://ubuntu.com/security/notices/usn-5423-1

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-20770

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-20771

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-20796

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-20792

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/401.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5423-2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.22.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.21.10.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.18.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.20.04.1

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-20052

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-20803

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-20032

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-20698

Trust: 0.1

sources: VULHUB: VHN-405338 // VULMON: CVE-2022-20785 // JVNDB: JVNDB-2022-010292 // PACKETSTORM: 167211 // PACKETSTORM: 167199 // PACKETSTORM: 174873 // CNNVD: CNNVD-202205-2063 // NVD: CVE-2022-20785

CREDITS

Ubuntu

Trust: 0.2

sources: PACKETSTORM: 167211 // PACKETSTORM: 167199

SOURCES

db:VULHUBid:VHN-405338
db:VULMONid:CVE-2022-20785
db:JVNDBid:JVNDB-2022-010292
db:PACKETSTORMid:167211
db:PACKETSTORMid:167199
db:PACKETSTORMid:174873
db:CNNVDid:CNNVD-202205-2063
db:NVDid:CVE-2022-20785

LAST UPDATE DATE

2024-08-14T14:02:36.736000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-405338date:2022-07-01T00:00:00
db:VULMONid:CVE-2022-20785date:2023-11-07T00:00:00
db:JVNDBid:JVNDB-2022-010292date:2023-08-14T07:56:00
db:CNNVDid:CNNVD-202205-2063date:2022-06-06T00:00:00
db:NVDid:CVE-2022-20785date:2023-11-07T03:42:56.707

SOURCES RELEASE DATE

db:VULHUBid:VHN-405338date:2022-05-04T00:00:00
db:VULMONid:CVE-2022-20785date:2022-05-04T00:00:00
db:JVNDBid:JVNDB-2022-010292date:2023-08-14T00:00:00
db:PACKETSTORMid:167211date:2022-05-18T16:36:26
db:PACKETSTORMid:167199date:2022-05-17T17:12:26
db:PACKETSTORMid:174873date:2023-10-02T15:09:41
db:CNNVDid:CNNVD-202205-2063date:2022-05-04T00:00:00
db:NVDid:CVE-2022-20785date:2022-05-04T17:15:08.680