CVE-2022-20792

EPSS 0.09%
Veröffentlicht 10.08.2022 09:15:08
Zuletzt bearbeitet 21.11.2024 06:43:33
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Clamav ≫ Clamav Version <= 0.103.5

Clamav ≫ Clamav Version >= 0.104.0 <= 0.104.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.274

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
psirt@cisco.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://security.gentoo.org/glsa/202310-01

https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html

Vendor Advisory

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2022-20792

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-20792

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-20792

EUVD