99 matches found
Advisory ROSA-SA-2024-2527
Software: clamav 0.103.11 OS: rosa-server79 packageevrstring: clamav-0.103.11-1.res7 CVE-ID: CVE-2023-20197 BDU-ID: 2023-04766 CVE-Crit: HIGH CVE-DESC.: A vulnerability in ClamAV's file system image parser for Hierarchical File System Plus HFS+ is related to incorrect resource scrubbing or freein...
Fedora: Security Advisory (FEDORA-2024-07342adb87)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-46989
In the Linux kernel, the following vulnerability has been resolved: hfsplus: prevent corruption in shrinking truncate I believe there are some issues introduced by commit 31651c607151 "hfsplus: avoid deadlock on file truncation" HFS+ has extent records which always contains 8 extents. In case the...
Updated clamav packages fix security vulnerability
A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is...
Amazon Linux AMI : clamav (ALAS-2023-1820)
The version of clamav installed on the remote host is prior to 0.103.9-1.55. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1820 advisory. A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated,...
Mageia: Security Advisory (MGASA-2023-0257)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6342-2: Linux kernel (Azure)
Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. CVE-2023-20593 Zheng Zhang discovered that the device-mapper implementation in the Linux kernel...
Amazon Linux 2 : clamav (ALAS-2023-2233)
The version of clamav installed on the remote host is prior to 0.103.9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2233 advisory. A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated,...
Amazon Linux 2023 : clamav, clamav-data, clamav-devel (ALAS2023-2023-331)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-331 advisory. A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected...
Important: clamav
Issue Overview: A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an incorrect check for completion when a...
Important: clamav
Issue Overview: A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an incorrect check for completion when a...
ClamAV < 0.103.9 / 1.0.x < 1.0.2 / 1.1.x < 1.1.1 DoS
A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : clamav (SUSE-SU-2023:3456-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3456-1 advisory. - A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could...
SUSE SLES12 Security Update : clamav (SUSE-SU-2023:3435-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:3435-1 advisory. - A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated, remote...
SUSE: Security Advisory (SUSE-SU-2023:3456-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3544-1] clamav security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-3544-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta August 28, 2023 https://wiki.debian.org/LTS -...
Debian dla-3544 : clamav - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3544 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3544-1 [email protected] https://www.debian.org/lts/security/...
Fedora 37 : clamav (2023-9f948bec13)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-9f948bec13 advisory. CVE-2023-20197 ClamAV File Scanning Infinite Loop Denial of Service Vulnerability Tenable has extracted the preceding description block directly fro...
Fedora 38 : clamav (2023-bf72d8833e)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-bf72d8833e advisory. CVE-2023-20197 ClamAV File Scanning Infinite Loop Denial of Service Vulnerability Tenable has extracted the preceding description block directly fro...
USN-6303-1: ClamAV vulnerability
It was discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...