Security update for clamav SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:1210-1 Final 1 1 2019-04-16T08:28:16Z current 2019-04-16T08:28:16Z 2019-04-16T08:28:16Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for clamav This update for clamav to version 0.100.3 fixes the following issues: Security issues fixed (bsc#1130721): - CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. - CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files (i.e. Windows EXE and DLL files). - CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-1210 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html E-Mail link for openSUSE-SU-2019:1210-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1130721 SUSE Bug 1130721 https://www.suse.com/security/cve/CVE-2019-1787/ SUSE CVE CVE-2019-1787 page https://www.suse.com/security/cve/CVE-2019-1788/ SUSE CVE CVE-2019-1788 page https://www.suse.com/security/cve/CVE-2019-1789/ SUSE CVE CVE-2019-1789 page openSUSE Leap 15.0 clamav-0.100.3-lp150.2.10.1 clamav-devel-0.100.3-lp150.2.10.1 libclamav7-0.100.3-lp150.2.10.1 libclammspack0-0.100.3-lp150.2.10.1 clamav-0.100.3-lp150.2.10.1 as a component of openSUSE Leap 15.0 clamav-devel-0.100.3-lp150.2.10.1 as a component of openSUSE Leap 15.0 libclamav7-0.100.3-lp150.2.10.1 as a component of openSUSE Leap 15.0 libclammspack0-0.100.3-lp150.2.10.1 as a component of openSUSE Leap 15.0 A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device. CVE-2019-1787 openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1 openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1 openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1 openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html https://www.suse.com/security/cve/CVE-2019-1787.html CVE-2019-1787 https://bugzilla.suse.com/1130721 SUSE Bug 1130721 A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device. CVE-2019-1788 openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1 openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1 openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1 openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html https://www.suse.com/security/cve/CVE-2019-1788.html CVE-2019-1788 https://bugzilla.suse.com/1130721 SUSE Bug 1130721 ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking. CVE-2019-1789 openSUSE Leap 15.0:clamav-0.100.3-lp150.2.10.1 openSUSE Leap 15.0:clamav-devel-0.100.3-lp150.2.10.1 openSUSE Leap 15.0:libclamav7-0.100.3-lp150.2.10.1 openSUSE Leap 15.0:libclammspack0-0.100.3-lp150.2.10.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html https://www.suse.com/security/cve/CVE-2019-1789.html CVE-2019-1789 https://bugzilla.suse.com/1130721 SUSE Bug 1130721