Vulnerability from csaf_opensuse
Published
2019-04-16 08:28
Modified
2019-04-16 08:28
Summary
Security update for clamav
Notes
Title of the patch
Security update for clamav
Description of the patch
This update for clamav to version 0.100.3 fixes the following issues:
Security issues fixed (bsc#1130721):
- CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur
when scanning PDF documents.
- CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur
when scanning PE files (i.e. Windows EXE and DLL files).
- CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur
when scanning OLE2 files such as Microsoft Office 97-2003 documents.
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2019-1210
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for clamav", title: "Title of the patch", }, { category: "description", text: "This update for clamav to version 0.100.3 fixes the following issues:\n\nSecurity issues fixed (bsc#1130721): \t \n\n- CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur\n when scanning PDF documents. \n- CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur\n when scanning PE files (i.e. Windows EXE and DLL files).\n- CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur\n when scanning OLE2 files such as Microsoft Office 97-2003 documents. \n\nThis update was imported from the SUSE:SLE-15:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2019-1210", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_1210-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2019:1210-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PWHS62LRI5JGU5I3MMXYXSAXRSB23UE7/#PWHS62LRI5JGU5I3MMXYXSAXRSB23UE7", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2019:1210-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PWHS62LRI5JGU5I3MMXYXSAXRSB23UE7/#PWHS62LRI5JGU5I3MMXYXSAXRSB23UE7", }, { category: "self", summary: "SUSE Bug 1130721", url: "https://bugzilla.suse.com/1130721", }, { category: "self", summary: "SUSE CVE CVE-2019-1787 page", url: "https://www.suse.com/security/cve/CVE-2019-1787/", }, { category: "self", summary: "SUSE CVE CVE-2019-1788 page", url: "https://www.suse.com/security/cve/CVE-2019-1788/", }, { category: "self", summary: "SUSE CVE CVE-2019-1789 page", url: "https://www.suse.com/security/cve/CVE-2019-1789/", }, ], title: "Security update for clamav", tracking: { current_release_date: "2019-04-16T08:28:16Z", generator: { date: "2019-04-16T08:28:16Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2019:1210-1", initial_release_date: "2019-04-16T08:28:16Z", revision_history: [ { date: "2019-04-16T08:28:16Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "clamav-0.100.3-lp150.2.10.1.x86_64", product: { name: "clamav-0.100.3-lp150.2.10.1.x86_64", product_id: "clamav-0.100.3-lp150.2.10.1.x86_64", }, }, { category: "product_version", name: "clamav-devel-0.100.3-lp150.2.10.1.x86_64", product: { name: "clamav-devel-0.100.3-lp150.2.10.1.x86_64", product_id: "clamav-devel-0.100.3-lp150.2.10.1.x86_64", }, }, { category: "product_version", name: "libclamav7-0.100.3-lp150.2.10.1.x86_64", product: { name: "libclamav7-0.100.3-lp150.2.10.1.x86_64", product_id: "libclamav7-0.100.3-lp150.2.10.1.x86_64", }, }, { category: "product_version", name: "libclammspack0-0.100.3-lp150.2.10.1.x86_64", product: { name: "libclammspack0-0.100.3-lp150.2.10.1.x86_64", product_id: "libclammspack0-0.100.3-lp150.2.10.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.0", product: { name: "openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.0", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "clamav-0.100.3-lp150.2.10.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1.x86_64", }, product_reference: "clamav-0.100.3-lp150.2.10.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "clamav-devel-0.100.3-lp150.2.10.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1.x86_64", }, product_reference: "clamav-devel-0.100.3-lp150.2.10.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "libclamav7-0.100.3-lp150.2.10.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1.x86_64", }, product_reference: "libclamav7-0.100.3-lp150.2.10.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "libclammspack0-0.100.3-lp150.2.10.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1.x86_64", }, product_reference: "libclammspack0-0.100.3-lp150.2.10.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, ], }, vulnerabilities: [ { cve: "CVE-2019-1787", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-1787", }, ], notes: [ { category: "general", text: "A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-1787", url: "https://www.suse.com/security/cve/CVE-2019-1787", }, { category: "external", summary: "SUSE Bug 1130721 for CVE-2019-1787", url: "https://bugzilla.suse.com/1130721", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-16T08:28:16Z", details: "important", }, ], title: "CVE-2019-1787", }, { cve: "CVE-2019-1788", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-1788", }, ], notes: [ { category: "general", text: "A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-1788", url: "https://www.suse.com/security/cve/CVE-2019-1788", }, { category: "external", summary: "SUSE Bug 1130721 for CVE-2019-1788", url: "https://bugzilla.suse.com/1130721", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-16T08:28:16Z", details: "important", }, ], title: "CVE-2019-1788", }, { cve: "CVE-2019-1789", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-1789", }, ], notes: [ { category: "general", text: "ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-1789", url: "https://www.suse.com/security/cve/CVE-2019-1789", }, { category: "external", summary: "SUSE Bug 1130721 for CVE-2019-1789", url: "https://bugzilla.suse.com/1130721", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1.x86_64", "openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-16T08:28:16Z", details: "important", }, ], title: "CVE-2019-1789", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.