FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

clamav -- Denial-of-Service (DoS) vulnerability

Affected packages
clamav < 0.102.2,1

Details

VuXML ID e7bc2b99-485a-11ea-bff9-9c5c8e75236a
Discovery 2020-02-05
Entry 2020-02-05

Micah Snyder reports:

A denial-of-service (DoS) condition may occur when using the optional credit card data-loss-prevention (DLP) feature. Improper bounds checking of an unsigned variable resulted in an out-of-bounds read, which causes a crash.

References

CVE Name CVE-2020-3123
URL https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html