Red Hat Bugzilla – Bug 455373
CVE-2008-3215 clamav: DoS / crash via crafted petite file (incomplete fix of CVE-2008-2713)
Last modified: 2008-07-21 04:21:13 EDT
According to Secunia / clamav upstream, fix for CVE-2008-2713 as originally used
in clamav 0.93.1 (see bug bug #451761) was incomplete:
Following fix is mentioned in the 0.93.2 changelog:
Thu Jul 3 16:15:23 CEST 2008
* libclamav/petite.c: fix another out of bounds memory read (bb#1000)
Reported by Secunia (CVE-2008-2713)
Upstream patch, now applied in SVN:
AFAIK this is fixed since 0.93.3, isn't it?
39562 (clamav): Build on target fedora-4-epel succeeded.
39561 (clamav): Build on target fedora-5-epel succeeded.
Yes, no problem for EPEL. Created this bug so that it can be referred from
Bodhi update request for F-8/F-9.
clamav-0.93.3-1.fc9 has been pushed to the Fedora 9 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update clamav'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-6338
clamav-0.93.3-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
clamav-0.92.1-3.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to
cause a denial of service via a malformed Petite file that triggers an
out-of-bounds memory access. NOTE: this issue exists because of an
incomplete fix for CVE-2008-2713.