CVE-2024-20290

CVE-2024-20290

Name

CVE-2024-20290

Description

A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog .

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
ykramarz@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-hDffu6t
ykramarz@cisco.com	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6MUDUPAHAAV6FPB2C2QIQCFJ4SHYBOTY/
ykramarz@cisco.com	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5FXZYVDNV66RNMNVJOHAJAYRZV4U64CQ/

Type

URI

ykramarz@cisco.com

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-hDffu6t

ykramarz@cisco.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6MUDUPAHAAV6FPB2C2QIQCFJ4SHYBOTY/

ykramarz@cisco.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5FXZYVDNV66RNMNVJOHAJAYRZV4U64CQ/

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:cisco:secure_endpoint::::::windows::*`	secure_endpoint	>= None	< 7.5.17
`cpe:2.3:a:cisco:secure_endpoint::::::windows::*`	secure_endpoint	>= 8.0.1.21160	< 8.2.3.30119
`cpe:2.3:a:cisco:secure_endpoint_private_cloud::::::::`	secure_endpoint_private_cloud	>= None	< 3.8.0

CPE URI

Source package

Min version

Max version

cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*

secure_endpoint

>= None

< 7.5.17

cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*

secure_endpoint

>= 8.0.1.21160

< 8.2.3.30119

cpe:2.3:a:cisco:secure_endpoint_private_cloud:*:*:*:*:*:*:*:*

secure_endpoint_private_cloud

>= None

< 3.8.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
clamav	3.19-community	1.2.2-r0	Carlo Landmeter <clandmeter@alpinelinux.org>	fixed
clamav	3.20-community	1.2.2-r0	Carlo Landmeter <clandmeter@alpinelinux.org>	fixed

Source package

Branch

Version

Maintainer

Status

clamav

3.19-community

1.2.2-r0

Carlo Landmeter <clandmeter@alpinelinux.org>

fixed

clamav

3.20-community

1.2.2-r0

Carlo Landmeter <clandmeter@alpinelinux.org>

fixed

References

Match rules

Vulnerable and fixed packages