ClamAV Double-free Vulnerability in the OLE2 File Parser
CVE-2022-20803

8.6HIGH

Key Information:

Vendor: Cisco
Status: Clamav
Vendor: CVE Published:; 17 February 2023

Summary

Clam AntiVirus versions 0.104.0 through 0.104.2 contain a vulnerability in the OLE2 file parser that may be exploited by unauthenticated remote attackers. By crafting a malicious OLE2 file and submitting it for scanning, an attacker can trigger a double-free condition due to improper handling of the realloc function, resulting in a crash of the scanning process. This could lead to a denial of service, disrupting the functionality of ClamAV on the affected device.

Affected Version(s)

ClamAV 0.104.0

References

https://blog.clamav.net/2022/05/clamav-01050-01043-01036-...

vendor-advisory

https://security.gentoo.org/glsa/202310-01

vendor-advisory

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 17, 2023
Vulnerability Reserved
Nov 2, 2021