Vulnerabilities in ClamAV leading to remote code execution and system file leaks

Cisco has published new releases of the free antivirus package ClamAV, 1.0.1, 0.105.3 and 0.103.8, which fix a critical vulnerability (CVE-2023-20032) that could lead to code execution when ClamAV scans files containing specially crafted disk images in HFS+ format.

The vulnerability is caused by the lack of a proper buffer size check, which makes it possible to write attacker-controlled data beyond the buffer boundary and execute code with the privileges of the ClamAV process, for example when it scans files extracted from messages on a mail server. The publication of package updates in distributions can be tracked on these pages: Debian, Ubuntu, Gentoo, RHEL, SUSE, Arch, FreeBSD, NetBSD.

The new releases also fix another vulnerability (CVE-2023-20052) that could leak the contents of any file on the server that the scanning process has access to. The vulnerability appears when parsing specially crafted files in DMG format: during parsing, the parser allows substitution of external XML entities that are referenced in the parsed DMG file.
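To check a host against the fixed releases named above, the following added example (not from the article or the ClamAV project) classifies the version banner printed by `clamscan --version`. The function names are hypothetical, the banner format `ClamAV X.Y.Z/...` is assumed, and release lines newer than 1.0 are assumed to include the fixes.

```shell
#!/bin/sh
# Added example: compare a ClamAV version banner with the fixed releases
# listed in the article (1.0.1, 0.105.3, 0.103.8).

# Extract "X.Y.Z" from a banner such as "ClamAV 0.103.7/26800/Mon Feb 13 2023".
clamav_version() {
    printf '%s\n' "$1" |
        sed -n 's/^ClamAV \([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Print "fixed", "outdated" or "unknown" for one banner line.
clamav_status() {
    cs_ver=$(clamav_version "$1")
    if [ -z "$cs_ver" ]; then echo unknown; return 0; fi

    cs_major=${cs_ver%%.*}
    cs_rest=${cs_ver#*.}
    cs_minor=${cs_rest%%.*}
    cs_patch=${cs_rest#*.}

    # Minimum patch level per release line, taken from the article.
    case "$cs_major.$cs_minor" in
        1.0)   cs_min=1 ;;
        0.105) cs_min=3 ;;
        0.103) cs_min=8 ;;
        *)
            # Assumption: release lines newer than 1.0 carry the fixes.
            # Other lines have no fixed release in the article: "unknown".
            if [ "$cs_major" -gt 1 ] ||
               { [ "$cs_major" -eq 1 ] && [ "$cs_minor" -gt 0 ]; }; then
                echo fixed
            else
                echo unknown
            fi
            return 0 ;;
    esac

    if [ "$cs_patch" -ge "$cs_min" ]; then echo fixed; else echo outdated; fi
}

# Report on the local installation when clamscan is present.
if command -v clamscan >/dev/null 2>&1; then
    echo "local ClamAV: $(clamav_status "$(clamscan --version 2>/dev/null)")"
fi
```

A result of `unknown` means the release line has no fixed version listed in the article and needs to be checked against the vendor advisory by hand.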

Source: opennet.ru
