A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is decompressed, which may result in a loop condition that could cause the affected software to stop responding. An attacker could exploit this vulnerability by submitting a crafted HFS+ filesystem image to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to stop responding, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog .
Weakness
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Secure_endpoint | Cisco | * | 1.22.0 (excluding) |
| Secure_endpoint | Cisco | * | 7.5.13.21586 (excluding) |
| Secure_endpoint | Cisco | 8.0.1.21160 (including) | 8.1.7.21585 (excluding) |
| Secure_endpoint_private_cloud | Cisco | * | 3.8.0 (excluding) |
| Clamav | Ubuntu | bionic | * |
| Clamav | Ubuntu | devel | * |
| Clamav | Ubuntu | esm-infra-legacy/trusty | * |
| Clamav | Ubuntu | esm-infra/bionic | * |
| Clamav | Ubuntu | esm-infra/focal | * |
| Clamav | Ubuntu | esm-infra/xenial | * |
| Clamav | Ubuntu | focal | * |
| Clamav | Ubuntu | jammy | * |
| Clamav | Ubuntu | lunar | * |
| Clamav | Ubuntu | trusty | * |
| Clamav | Ubuntu | trusty/esm | * |
| Clamav | Ubuntu | xenial | * |