FEDORA-2020-dd0c20d985 created by orion 2 months ago for Fedora 31
stable

ClamAV 0.102.4 is a bug-fix release that addresses the following issues:

CVE-2020-3350 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3350 Fixed a vulnerability that a malicious user with write access to the scanned location could exploit by replacing a scan target's directory with a symlink to another path, between the time the file is scanned and the time the verdict is acted on, to trick clamscan, clamdscan, or clamonacc into removing or moving a different file (such as a critical system file). The issue only affects users who run clamscan, clamdscan or clamonacc with the --move or --remove options.

For more information about link-based attacks on AV quarantine actions, see RACK911 Labs' report https://www.rack911labs.com/research/exploiting-almost-every-antivirus-software.
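The directory swap described above, as an added illustration that is not ClamAV's code and does not claim to reproduce ClamAV's fix: a hypothetical scanner that keeps the parent directory's fd and the scanned file's device/inode from scan time, then removes the file with unlinkat(2) relative to that fd instead of unlink(2) on the original path. The scan_target and demo names, the /tmp/quarantine-demo-XXXXXX layout and the payload.bin files under scan/ and victim/ are all constructed for the demonstration; the "victim" stands in for the critical system file an attacker would target.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical scanner state (not ClamAV's), captured when the file is opened for scanning. */
struct scan_target {
    int dirfd;            /* fd of the directory that held the entry at scan time */
    char name[256];       /* entry name inside that directory */
    dev_t dev; ino_t ino; /* device and inode of the file that was actually scanned */
};

/* Open the target safely: hold the parent directory fd, open the entry without
 * following symlinks, and remember which inode was scanned. Returns 0 on success. */
static int scan_target_open(struct scan_target *t, const char *dir, const char *name) {
    struct stat st;
    if ((t->dirfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW)) < 0) return -1;
    int fd = openat(t->dirfd, name, O_RDONLY | O_NOFOLLOW);
    if (fd < 0 || fstat(fd, &st) < 0 || !S_ISREG(st.st_mode)) { if (fd >= 0) close(fd); close(t->dirfd); return -1; }
    close(fd); /* a real engine would scan the contents through fd before closing it */
    snprintf(t->name, sizeof t->name, "%s", name);
    t->dev = st.st_dev; t->ino = st.st_ino;
    return 0;
}

/* Vulnerable pattern: act on the textual path after the verdict. Every directory
 * component is resolved again, so a directory swapped for a symlink redirects
 * the unlink to whatever file the attacker chose. */
static int remove_by_path(const char *path) { return unlink(path); }

/* Hardened pattern: act relative to the directory fd held since the scan, never
 * follow symlinks, and only touch the entry if it is still the scanned inode. */
static int remove_scanned(const struct scan_target *t) {
    struct stat st;
    if (fstatat(t->dirfd, t->name, &st, AT_SYMLINK_NOFOLLOW) < 0) return -1;
    if (!S_ISREG(st.st_mode) || st.st_dev != t->dev || st.st_ino != t->ino) { errno = EBUSY; return -1; } /* changed under us: refuse */
    return unlinkat(t->dirfd, t->name, 0);
}

/* Constructed scenario: a scan directory under a private tmp dir plus a "critical" file
 * of the same name in a sibling victim directory. The attacker wins the race between scan
 * and verdict by moving the scan directory aside and putting a symlink to victim/ in its place. */
struct demo { char base[64], scan[128], aside[128], victim[128], victim_file[128], scanned[128]; };

static int write_file(const char *p, const char *s) { FILE *f = fopen(p, "w"); return f ? (fputs(s, f), fclose(f)) : -1; }

static int demo_begin(struct demo *d, struct scan_target *t) {
    snprintf(d->base, sizeof d->base, "/tmp/quarantine-demo-XXXXXX");
    if (!mkdtemp(d->base)) return -1;
    snprintf(d->scan, sizeof d->scan, "%s/scan", d->base);
    snprintf(d->aside, sizeof d->aside, "%s/scan.orig", d->base);
    snprintf(d->victim, sizeof d->victim, "%s/victim", d->base);
    snprintf(d->victim_file, sizeof d->victim_file, "%s/victim/payload.bin", d->base);
    snprintf(d->scanned, sizeof d->scanned, "%s/scan/payload.bin", d->base);
    if (mkdir(d->scan, 0700) || mkdir(d->victim, 0700)) return -1;
    if (write_file(d->scanned, "malicious") || write_file(d->victim_file, "critical")) return -1;
    if (scan_target_open(t, d->scan, "payload.bin")) return -1;      /* scanner opens the file */
    return rename(d->scan, d->aside) || symlink(d->victim, d->scan); /* attacker swaps the dir */
}

static void demo_end(const struct demo *d, int dirfd) {
    char p[160];
    close(dirfd);
    snprintf(p, sizeof p, "%s/payload.bin", d->aside); unlink(p);
    unlink(d->victim_file); unlink(d->scan); /* d->scan is the attacker's symlink now */
    rmdir(d->aside); rmdir(d->victim); rmdir(d->base);
}

/* Returns 1 if unlink() on the stale path destroyed the victim file (the CVE-2020-3350 pattern). */
int demo_vulnerable(void) {
    struct demo d; struct scan_target t;
    if (demo_begin(&d, &t)) return -1;
    remove_by_path(d.scanned); /* meant scan/payload.bin, resolves to victim/payload.bin */
    int victim_destroyed = access(d.victim_file, F_OK) != 0;
    demo_end(&d, t.dirfd);
    return victim_destroyed;
}

/* Returns 1 if the dirfd-relative removal deleted the scanned file and spared the victim. */
int demo_hardened(void) {
    struct demo d; struct scan_target t; struct stat st;
    if (demo_begin(&d, &t)) return -1;
    int rc = remove_scanned(&t);
    int scanned_gone = fstatat(t.dirfd, "payload.bin", &st, AT_SYMLINK_NOFOLLOW) < 0 && errno == ENOENT;
    int victim_intact = access(d.victim_file, F_OK) == 0;
    demo_end(&d, t.dirfd);
    return rc == 0 && scanned_gone && victim_intact;
}

int main(void) {
    printf("path-based unlink destroyed the victim file: %s\n", demo_vulnerable() == 1 ? "yes" : "no");
    printf("dirfd-based unlinkat removed only the scanned file: %s\n", demo_hardened() == 1 ? "yes" : "no");
    return 0;
}
```

Build with `cc -Wall -o quarantine-demo quarantine-demo.c` on Linux. The held directory fd is what defeats the swap: after rename(2) it still refers to the original directory, so the attacker's symlink is never traversed. The device/inode comparison covers the other half of the race, where the attacker replaces the entry itself inside the directory after the scan. The same principle applies to --move: rename the entry with renameat(2) relative to the held fd and a quarantine directory fd opened the same way, rather than passing two textual paths.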

CVE-2020-3327 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327 Fixed a vulnerability in the ARJ archive-parsing module in ClamAV 0.102.3 that could cause a denial-of-service (DoS) condition. Improper bounds checking resulted in an out-of-bounds read that could cause a crash. The previous fix for this CVE in version 0.102.3 was incomplete. This fix correctly resolves the issue.

CVE-2020-3481 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3481 Fixed a vulnerability in the EGG archive module in ClamAV 0.102.0 - 0.102.3 that could cause a denial-of-service (DoS) condition. Improper error handling could cause a crash due to a NULL pointer dereference. This vulnerability is mitigated for those using the official ClamAV signature databases because the file type signatures in daily.cvd will not enable the EGG archive parser in affected versions.

How to install

sudo dnf upgrade --advisory=FEDORA-2020-dd0c20d985

This update has been submitted for testing by orion.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update's test gating status has been changed to 'waiting'.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update has been pushed to testing.

2 months ago

This update can be pushed to stable now if the maintainer wishes

2 months ago

This update has been submitted for stable by bodhi.

2 months ago

This update has been pushed to stable.

2 months ago


Metadata
Type: security
Severity: high
Karma: 0
Signed
Content Type: RPM
Test Gating
Settings
Unstable by Karma: -3
Stable by Karma: 3
Stable by Time: 7 days
Dates
submitted: 2 months ago
in testing: 2 months ago
in stable: 2 months ago
BZ#1858261 CVE-2020-3350 clamav: malicious user exploit to replace scan target's directory with symlink
BZ#1858262 CVE-2020-3350 clamav: malicious user exploit to replace scan target's directory with symlink [fedora-all]
BZ#1858264 CVE-2020-3481 clamav: improper error handling causing crash due to NULL pointer dereference
BZ#1858265 CVE-2020-3481 clamav: improper error handling causing crash due to NULL pointer dereference [fedora-all]

Automated Test Results

Test Cases

Test Case ClamAV