Headline
Ubuntu Security Notice USN-6303-1
Ubuntu Security Notice 6303-1 - It was discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.
==========================================================================
Ubuntu Security Notice USN-6303-1
August 21, 2023
clamav vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
ClamAV could be made to crash if it opened a specially crafted file.
Software Description:
- clamav: Anti-virus utility for Unix
Details:
It was discovered that ClamAV incorrectly handled parsing HFS+ files. A
remote attacker could possibly use this issue to cause ClamAV to crash,
resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.04:
clamav 0.103.9+dfsg-0ubuntu0.23.04.1
Ubuntu 22.04 LTS:
clamav 0.103.9+dfsg-0ubuntu0.22.04.1
Ubuntu 20.04 LTS:
clamav 0.103.9+dfsg-0ubuntu0.20.04.1
This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
References:
https://ubuntu.com/security/notices/USN-6303-1
CVE-2023-20197
Package Information:
https://launchpad.net/ubuntu/+source/clamav/0.103.9+dfsg-0ubuntu0.23.04.1
https://launchpad.net/ubuntu/+source/clamav/0.103.9+dfsg-0ubuntu0.22.04.1
https://launchpad.net/ubuntu/+source/clamav/0.103.9+dfsg-0ubuntu0.20.04.1
Related news
Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system.
Ubuntu Security Notice 6303-2 - USN-6303-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. It was discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.
A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is decompressed, which may result in a loop condition that could cause the affected software to stop responding. An attacker could exploit this vulnerability by submitting a crafted HFS+ filesystem image to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to stop responding, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog .