CVE-2022-20796Untrusted Pointer Dereference in Clamav

CWE-822Untrusted Pointer DereferenceCWE-476NULL Pointer DereferenceCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer9 documents8 sources
Severity
5.5MEDIUMNVD
CNA6.5
EPSS
0.0%
top 90.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
ClamavCisco Secure EndpointCisco AMP FOR Endpoints+2 more
Timeline
PublishedMay 4
Latest updateMay 17

Description

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

Debianclamav/clamav< 0.103.6+dfsg-0+deb11u1+3
NVDclamav/clamav4 versions+3
NVDcisco/secure_endpoint1.18.01.18.2+3

Also affects: Debian Linux 9.0, Fedora 34, 35, 36

🔴Vulnerability Details

3
GHSA
GHSA-mp8h-qmxp-c39w: On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 02022-05-05
CVEList
ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: April 20222022-05-04
OSV
CVE-2022-20796: On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 02022-05-04

📋Vendor Advisories

5
Ubuntu
ClamAV vulnerabilities2022-05-17
Ubuntu
ClamAV vulnerabilities2022-05-17
Microsoft
ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: April 20222022-05-10
Cisco
ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: May 20222022-05-04
Debian
CVE-2022-20796: clamav - On May 4, 2022, the following vulnerability in the ClamAV scanning library versi...2022
CVE-2022-20796 — Untrusted Pointer Dereference | cvebase