Bug 746984 (CVE-2011-3627) - CVE-2011-3627 clamav: Recursion level crash fixed in v0.97.3
Summary: CVE-2011-3627 clamav: Recursion level crash fixed in v0.97.3
Alias: CVE-2011-3627
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 746989 746990
Reported: 2011-10-18 13:47 UTC by Jan Lieskovsky
Modified: 2019-09-29 12:48 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2011-12-09 01:21:53 UTC


Description Jan Lieskovsky 2011-10-18 13:47:27 UTC
A denial of service flaw was found in the way the bytecode engine of the Clam Antivirus scanner handled the recursion level when scanning an unpacked file. If a local user was tricked into scanning a file or directory with the 'load bytecode from the database' feature enabled, it could lead to a crash of the clamscan executable.

[1] https://bugs.gentoo.org/show_bug.cgi?id=387521
[2] http://www.openwall.com/lists/oss-security/2011/10/18/1
[3] http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.3

Upstream patch:
[4] http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=3d664817f6ef833a17414a4ecea42004c35cc42f

Comment 1 Jan Lieskovsky 2011-10-18 13:49:29 UTC
This issue affects the versions of the clamav package as shipped with Fedora releases 14 and 15. Please schedule an update.

This issue affects the versions of the clamav package as present within the EPEL 4, EPEL 5 and EPEL 6 repositories. Please schedule an update.

Comment 2 Jan Lieskovsky 2011-10-18 13:50:34 UTC
Created clamav tracking bugs for this issue

Affects: fedora-all [bug 746989]
Affects: epel-all [bug 746990]

Comment 3 Vincent Danen 2011-10-18 21:16:30 UTC
This was assigned CVE-2011-3627:

