Lucene search

UbuntuUSN-3722-5

HistorySep 18, 2018 - 12:00 a.m.

ClamAV regression

2018-09-1800:00:00

ubuntu.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

65.1%

JSON

Releases

Ubuntu 18.04 ESM
Ubuntu 16.04 ESM
Ubuntu 14.04 ESM

Packages

clamav - Anti-virus utility for Unix

Details

USN-3722-1 fixed vulnerabilities in ClamAV. The new package introduced an
issue which caused dpkg-reconfigure to enter an infinite loop. This update
fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that ClamAV incorrectly handled parsing certain HWP
files. A remote attacker could use this issue to cause ClamAV to hang,
resulting in a denial of service. (CVE-2018-0360)

It was discovered that ClamAV incorrectly handled parsing certain PDF
files. A remote attacker could use this issue to cause ClamAV to hang,
resulting in a denial of service. (CVE-2018-0361)

OSVersionArchitecturePackageVersionFilename
Ubuntu18.04noarchclamav< 0.100.1+dfsg-1ubuntu0.18.04.3UNKNOWN
Ubuntu18.04noarchclamav-base< 0.100.1+dfsg-1ubuntu0.18.04.3UNKNOWN
Ubuntu18.04noarchclamav-daemon< 0.100.1+dfsg-1ubuntu0.18.04.3UNKNOWN
Ubuntu18.04noarchclamav-daemon-dbgsym< 0.100.1+dfsg-1ubuntu0.18.04.3UNKNOWN
Ubuntu18.04noarchclamav-dbgsym< 0.100.1+dfsg-1ubuntu0.18.04.3UNKNOWN
Ubuntu18.04noarchclamav-docs< 0.100.1+dfsg-1ubuntu0.18.04.3UNKNOWN
Ubuntu18.04noarchclamav-freshclam< 0.100.1+dfsg-1ubuntu0.18.04.3UNKNOWN
Ubuntu18.04noarchclamav-freshclam-dbgsym< 0.100.1+dfsg-1ubuntu0.18.04.3UNKNOWN
Ubuntu18.04noarchclamav-milter< 0.100.1+dfsg-1ubuntu0.18.04.3UNKNOWN
Ubuntu18.04noarchclamav-milter-dbgsym< 0.100.1+dfsg-1ubuntu0.18.04.3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	18.04	noarch	clamav	< 0.100.1+dfsg-1ubuntu0.18.04.3	UNKNOWN
Ubuntu	18.04	noarch	clamav-base	< 0.100.1+dfsg-1ubuntu0.18.04.3	UNKNOWN
Ubuntu	18.04	noarch	clamav-daemon	< 0.100.1+dfsg-1ubuntu0.18.04.3	UNKNOWN
Ubuntu	18.04	noarch	clamav-daemon-dbgsym	< 0.100.1+dfsg-1ubuntu0.18.04.3	UNKNOWN
Ubuntu	18.04	noarch	clamav-dbgsym	< 0.100.1+dfsg-1ubuntu0.18.04.3	UNKNOWN
Ubuntu	18.04	noarch	clamav-docs	< 0.100.1+dfsg-1ubuntu0.18.04.3	UNKNOWN
Ubuntu	18.04	noarch	clamav-freshclam	< 0.100.1+dfsg-1ubuntu0.18.04.3	UNKNOWN
Ubuntu	18.04	noarch	clamav-freshclam-dbgsym	< 0.100.1+dfsg-1ubuntu0.18.04.3	UNKNOWN
Ubuntu	18.04	noarch	clamav-milter	< 0.100.1+dfsg-1ubuntu0.18.04.3	UNKNOWN
Ubuntu	18.04	noarch	clamav-milter-dbgsym	< 0.100.1+dfsg-1ubuntu0.18.04.3	UNKNOWN