MGASA-2023-0257 - Updated clamav packages fix security vulnerability

Publication date: 11 Sep 2023
URL: https://advisories.mageia.org/MGASA-2023-0257.html
Type: security
Affected Mageia releases: 8, 9
CVE: CVE-2023-20197,
     CVE-2023-20212

A vulnerability in the filesystem image parser for Hierarchical File
System Plus (HFS+) of ClamAV could allow an unauthenticated, remote
attacker to cause a denial of service (DoS) condition on an affected
device. This vulnerability is due to an incorrect check for completion
when a file is decompressed, which may result in a loop condition that
could cause the affected software to stop responding. An attacker could
exploit this vulnerability by submitting a crafted HFS+ filesystem image
to be scanned by ClamAV on an affected device. A successful exploit could
allow the attacker to cause the ClamAV scanning process to stop
responding, resulting in a DoS condition on the affected software and
consuming available system resources. (CVE-2023-20197)

A vulnerability in the AutoIt module of ClamAV could allow an
unauthenticated, remote attacker to cause a denial of service (DoS)
condition on an affected device. This vulnerability is due to a logic
error in the memory management of an affected device. An attacker could
exploit this vulnerability by submitting a crafted AutoIt file to be
scanned by ClamAV on the affected device. A successful exploit could
allow the attacker to cause the ClamAV scanning process to restart
unexpectedly, resulting in a DoS condition. (CVE-2023-20212)

References:
- https://bugs.mageia.org/show_bug.cgi?id=32204
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20212

SRPMS:
- 9/core/clamav-1.0.3-1.mga9
- 8/core/clamav-0.103.10-1.mga8