Debian LTS: DLA-2215-1 Critical: clamav Denial Of Service Issues

May 20, 2020
Upgrade ClamAV on your Debian LTS system to address the CVE-2020-3327 and CVE-2020-3341 vulnerabilities.
The following CVE(s) were found in the src:clamav package.

Summary

CVE-2020-3327

A vulnerability in the ARJ archive parsing module in Clam
AntiVirus (ClamAV) could allow an unauthenticated, remote
attacker to cause a denial of service condition on an affected
device. The vulnerability is due to a heap buffer overflow read.
An attacker could exploit this vulnerability by sending a crafted
ARJ file to an affected device. An exploit could allow the
attacker to cause the ClamAV scanning process to crash, resulting
in a denial of service condition.

CVE-2020-3341

A vulnerability in the PDF archive parsing module in Clam
AntiVirus (ClamAV) could allow an unauthenticated, remote
attacker to cause a denial of service condition on an affected
device. The vulnerability is due to a stack buffer overflow read.
An attacker could exploit this vulnerability by sending a crafted
PDF file to an affected device. An exploit could allow the
attacker to cause the ClamAV scanning process to crash, resulting

Severity: critical

Package: clamav
Version: 0.101.5+dfsg-0+deb8u2
CVE ID: CVE-2020-3327 CVE-2020-3341
