| Summary: | clamav new security issue CVE-2022-20698 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, davidwhodgins, herman.viaene, nicolas.salguero, sysadmin-bugs |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | clamav-0.103.4-1.mga8.src.rpm | CVE: | CVE-2022-20698 |
| Status comment: | |||
|
Description
David Walser
2022-01-16 17:07:06 CET
David Walser
2022-01-16 17:07:25 CET
Whiteboard:
(none) =>
MGA8TOO Assigning rather than CC'ing NicolasS, the main committer of this SRPM. Assignee:
bugsquad =>
nicolas.salguero Suggested advisory: ======================== The updated packages fix a security vulnerability: A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition. (CVE-2022-20698) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20698 https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CKHVIDDT45SUTNVD3ODK2FDXJFJ3ETJH/ ======================== Updated packages in core/updates_testing: ======================== clamav-0.103.5-1.mga8 clamav-db-0.103.5-1.mga8 clamav-milter-0.103.5-1.mga8 clamd-0.103.5-1.mga8 lib(64)clamav9-0.103.5-1.mga8 lib(64)clamav-devel-0.103.5-1.mga8 from SRPM: clamav-0.103.5-1.mga8.src.rpm Status:
NEW =>
ASSIGNED
Nicolas Salguero
2022-01-17 09:20:16 CET
CC:
(none) =>
nicolas.salguero MGA8-64 Plasma on Lenovo B50 in Dutch No installation issues. Ref bug 29663 for tests # freshclam Current working dir is /var/lib/clamav/ Loaded freshclam.dat: version: 1 uuid: 744e501c-975d-4059-97aa-a11076e25aef ClamAV update process started at Tue Jan 18 14:33:16 2022 Current working dir is /var/lib/clamav/ Querying current.cvd.clamav.net TTL: 1800 etc ..... till check_for_new_database_version: Local copy of bytecode found: bytecode.cvd. query_remote_database_version: bytecode.cvd version from DNS: 333 bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) fc_update_database: bytecode.cvd already up-to-date. $ clamscan /home/tester8/.ICEauthority: Empty file /home/tester8/.xscreensaver: OK /home/tester8/.Xauthority: OK etc....till ----------- SCAN SUMMARY ----------- Known viruses: 8603993 Engine version: 0.103.5 Scanned directories: 1 Scanned files: 27 Infected files: 0 Data scanned: 0.08 MB Data read: 202.71 MB (ratio 0.00:1) Time: 19.316 sec (0 m 19 s) Start Date: 2022:01:18 14:33:58 End Date: 2022:01:18 14:34:18 # systemctl -l status clamav-daemon ● clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/usr/lib/systemd/system/clamav-daemon.service; disabled; vendor preset: disabled) Active: inactive (dead) TriggeredBy: ● clamav-daemon.socket Docs: man:clamd(8) man:clamd.conf(5) https://docs.clamav.net/ jan 18 14:34:51 mach5.hviaene.thuis systemd[1]: /usr/lib/systemd/system/clamav-daemon.service:13: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and cons> jan 18 14:34:51 mach5.hviaene.thuis systemd[1]: /usr/lib/systemd/system/clamav-daemon.service:13: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and cons> jan 18 14:34:51 mach5.hviaene.thuis systemd[1]: /usr/lib/systemd/system/clamav-daemon.service:13: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and cons> jan 18 14:36:22 mach5.hviaene.thuis systemd[1]: /usr/lib/systemd/system/clamav-daemon.service:13: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and cons> jan 18 14:36:22 mach5.hviaene.thuis systemd[1]: /usr/lib/systemd/system/clamav-daemon.service:13: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and cons> # systemctl start clamav-daemon # systemctl -l status clamav-daemon ● clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/usr/lib/systemd/system/clamav-daemon.service; disabled; vendor preset: disabled) Active: active (running) since Tue 2022-01-18 14:36:45 CET; 3s ago TriggeredBy: ● clamav-daemon.socket Docs: man:clamd(8) man:clamd.conf(5) https://docs.clamav.net/ Main PID: 7859 (clamd) Tasks: 1 (limit: 9397) Memory: 552.6M CPU: 3.544s CGroup: /system.slice/clamav-daemon.service └─7859 /usr/sbin/clamd --foreground=true jan 18 14:36:45 mach5.hviaene.thuis systemd[1]: Started Clam AntiVirus userspace daemon. So all looks OK to me. Whiteboard:
(none) =>
MGA8-64-OK Validating. Advisory in Comment 2. CC:
(none) =>
andrewsfarm, sysadmin-bugs
Dave Hodgins
2022-01-18 19:12:59 CET
Keywords:
(none) =>
advisory An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0024.html Status:
ASSIGNED =>
RESOLVED |