CVE-2020-3123

A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.

packagechannelchannel versionpkg versionstatus
clamav
nixos-unstable
2020-02-09 19:20:46 UTC (8130f3)0.102.1vulnerable
2020-01-31 22:35:47 UTC (a21c2f)0.102.1vulnerable
2020-01-31 03:40:27 UTC (8539d5)0.102.1vulnerable
2020-01-27 15:15:42 UTC (e59dcf)0.102.1vulnerable
2020-01-26 13:55:23 UTC (73a59a)0.102.1vulnerable
2020-01-26 02:00:18 UTC (8a9807)0.102.1vulnerable
2020-01-24 12:40:44 UTC (05626c)0.102.1vulnerable
2020-01-23 12:40:25 UTC (d1ba7d)0.102.1vulnerable
2020-01-22 11:20:35 UTC (90441b)0.102.1vulnerable
2020-01-22 02:25:38 UTC (f37db1)0.102.1vulnerable
2020-01-21 07:35:39 UTC (a65f33)0.102.1vulnerable
2020-01-20 03:15:32 UTC (bea1a2)0.102.1vulnerable
2020-01-18 10:35:34 UTC (c438ce)0.102.1vulnerable
2020-01-17 08:15:31 UTC (2628f2)0.102.1vulnerable
2020-01-16 20:30:28 UTC (d5e9b7)0.102.1vulnerable
2020-01-15 07:35:45 UTC (7184df)0.102.1vulnerable
2020-01-12 17:10:37 UTC (100012)0.102.1vulnerable
2020-01-12 04:35:18 UTC (aa561c)0.102.1vulnerable
2020-01-11 08:25:20 UTC (e41347)0.102.1vulnerable
2020-01-09 02:55:25 UTC (e1eedf)0.102.1vulnerable
2020-01-07 08:20:27 UTC (9beb0d)0.102.1vulnerable
2020-01-05 23:45:32 UTC (2e8fc9)0.102.1vulnerable
2020-01-04 10:30:42 UTC (e0470e)0.102.1vulnerable
2019-12-27 17:25:29 UTC (b0bbac)0.102.1vulnerable
2019-12-24 14:15:43 UTC (a06925)0.102.1vulnerable
2019-12-23 15:10:32 UTC (eeaf1f)0.102.1vulnerable
2019-12-23 01:55:35 UTC (00915d)0.102.1vulnerable
2019-12-22 01:45:20 UTC (f5bb6c)0.102.1vulnerable
2019-12-18 17:15:45 UTC (d94268)0.102.1vulnerable
2019-12-18 02:35:23 UTC (352f03)0.102.1vulnerable
2019-12-17 09:50:29 UTC (863658)0.102.1vulnerable
2019-12-09 12:37:43 UTC (3140fa)0.102.1vulnerable
2019-11-19 17:55:36 UTC (e89b21)0.102.0vulnerable
2019-11-16 10:50:41 UTC (c19665)0.102.0vulnerable
2019-11-04 02:05:14 UTC (7827d3)0.102.0vulnerable
2019-11-01 05:45:36 UTC (471869)0.102.0vulnerable
2019-10-24 17:20:29 UTC (4cd2cb)0.102.0vulnerable
2019-10-21 20:05:44 UTC (f35f08)0.102.0vulnerable
2019-10-16 07:35:21 UTC (1c40ee)0.102.0vulnerable
2019-10-14 09:05:43 UTC (94500c)0.102.0vulnerable
2019-10-11 17:35:31 UTC (b94333)0.102.0vulnerable
2019-10-11 08:50:35 UTC (8b46dc)0.102.0vulnerable
2019-10-11 08:00:33 UTC (d8aae8)0.102.0vulnerable
2019-10-08 18:30:37 UTC (07d4df)0.102.0vulnerable