Lucene search
UbuntuUSN-6303-1HistoryAug 21, 2023 - 12:00 a.m.
ClamAV vulnerability
2023-08-2100:00:00
ubuntu.com
30
clamav
ubuntu
vulnerability
hfs+
denial of service
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.0%
Releases
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Packages
- clamav - Anti-virus utility for Unix
Details
It was discovered that ClamAV incorrectly handled parsing HFS+ files. A
remote attacker could possibly use this issue to cause ClamAV to crash,
resulting in a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 23.04 | noarch | clamav | < 0.103.9+dfsg-0ubuntu0.23.04.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | clamav-base | < 0.103.9+dfsg-0ubuntu0.23.04.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | clamav-daemon | < 0.103.9+dfsg-0ubuntu0.23.04.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | clamav-daemon-dbgsym | < 0.103.9+dfsg-0ubuntu0.23.04.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | clamav-dbgsym | < 0.103.9+dfsg-0ubuntu0.23.04.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | clamav-docs | < 0.103.9+dfsg-0ubuntu0.23.04.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | clamav-freshclam | < 0.103.9+dfsg-0ubuntu0.23.04.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | clamav-freshclam-dbgsym | < 0.103.9+dfsg-0ubuntu0.23.04.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | clamav-milter | < 0.103.9+dfsg-0ubuntu0.23.04.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | clamav-milter-dbgsym | < 0.103.9+dfsg-0ubuntu0.23.04.1 | UNKNOWN |
References
Related
fedora
fedora
[SECURITY] Fedora 37 Update: clamav-0.103.9-1.fc37
2023-08-27 00:51:07
[SECURITY] Fedora 38 Update: clamav-1.0.2-1.fc38
2023-08-22 01:21:12
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : clamav (SUSE-SU-2023:3456-1)
2023-08-30 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM : ClamAV vulnerability (USN-6303-2)
2023-08-21 00:00:00
Amazon Linux 2023 : clamav, clamav-data, clamav-devel (ALAS2023-2023-331)
2023-09-08 00:00:00
amazon
amazon
Important: clamav
2023-08-30 17:56:00
Important: clamav
2023-08-31 22:29:00
openvas
openvas
Fedora: Security Advisory for clamav (FEDORA-2023-bf72d8833e)
2023-08-23 00:00:00
Fedora: Security Advisory for clamav (FEDORA-2023-9f948bec13)
2023-08-27 00:00:00
Ubuntu: Security Advisory (USN-6303-1)
2023-08-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-08-19 02:43:38
alpinelinux
alpinelinux
CVE-2023-20197
2023-08-16 22:15:10
cisco
cisco
ClamAV HFS+ File Scanning Infinite Loop Denial of Service Vulnerability
2023-08-16 16:00:00
ubuntucve
ubuntucve
CVE-2023-20197
2023-08-17 00:00:00
osv
osv
clamav vulnerability
2023-08-21 11:32:44
clamav - security update
2023-08-28 00:00:00
clamav vulnerability
2023-08-21 16:38:51
cvelist
cvelist
CVE-2023-20197
2023-08-16 21:43:11
debian
debian
[SECURITY] [DLA 3544-1] clamav security update
2023-08-28 01:27:54
freebsd
freebsd
clamav -- Possible denial of service vulnerability in the HFS+ file parser
2023-08-15 00:00:00
prion
prion
Race condition
2023-08-16 22:15:00
cve
cve
CVE-2023-20197
2023-08-16 22:15:10
debiancve
debiancve
CVE-2023-20197
2023-08-16 22:15:10
ubuntu
ubuntu
ClamAV vulnerability
2023-08-21 00:00:00
nvd
nvd
CVE-2023-20197
2023-08-16 22:15:10
mageia
mageia
Updated clamav packages fix security vulnerability
2023-09-11 16:07:54
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.0%
Related for USN-6303-1