Heap Buffer Overflow in ClamAV Affects Local Users
CVE-2022-20792
What is CVE-2022-20792?
A vulnerability exists in the regex module used by the Clam AntiVirus signature database load module, allowing an authenticated local attacker to potentially crash the service and execute arbitrary code. This arises from improper bounds checking leading to a multi-byte heap buffer overflow. By placing a maliciously crafted CDB signature database file in the ClamAV database directory, an attacker can exploit the flaw, potentially gaining the ability to run code as the clamav user, threatening system integrity.

Affected Version(s)
Clam AntiVirus (ClamAV) <= 0.104.2
Clam AntiVirus (ClamAV) 0.104.0
Clam AntiVirus (ClamAV) <= 0.103.5