Vulnerabilities in ClamAV leading to remote code execution and system file leakage

Cisco has published new releases of the free antivirus package ClamAV, 1.0.1, 0.105.3 and 0.103.8, which fix a critical vulnerability (CVE-2023-20032) that can lead to remote code execution on the server when scanning files that contain specially crafted disk images in HFS+ format.

The vulnerability is caused by a missing check of the buffer size, which makes it possible to write data beyond the buffer boundary and achieve code execution with the privileges of the ClamAV process scanning files extracted from emails. The publication of package updates in distributions can be tracked on the pages of Debian, Ubuntu, Gentoo, RHEL, SUSE, Arch, FreeBSD and NetBSD.

The new releases also fix another vulnerability (CVE-2023-20052), which can lead to leakage of the contents of any files on the server that the scanning process has access to. The vulnerability manifests itself when parsing specially crafted files in DMG format and is caused by the parser processing, during parsing, external XML entities referenced in the DMG file being parsed.
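A check of whether an installed ClamAV build is at or above the fixed release for its branch, as an added example that is not part of the original article or of ClamAV itself. The function names and the sample version banners are constructed for illustration, and treating branches newer than 1.0.1 as fixed is an assumption.

```python
import re

# Fixed releases named in the article, keyed by (major, minor) branch.
FIXED = {(1, 0): (1, 0, 1), (0, 105): (0, 105, 3), (0, 103): (0, 103, 8)}
NEWEST_FIXED = max(FIXED.values())


def parse_version(banner):
    """Extract (major, minor, patch) from a banner such as 'ClamAV 0.103.7/...'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", banner)
    if not m:
        raise ValueError(f"no ClamAV version found in {banner!r}")
    return tuple(int(part) for part in m.groups())


def has_fixes(banner):
    """True if the version is at or above the fixed release for its branch.

    Branches the article does not list (for example 0.104.x) return False
    unless they are newer than 1.0.1, which is assumed to include the fixes.
    """
    version = parse_version(banner)
    fixed = FIXED.get(version[:2])
    if fixed is not None:
        return version >= fixed
    return version > NEWEST_FIXED


if __name__ == "__main__":
    # Constructed sample banners in the style printed by `clamscan --version`.
    samples = [
        "ClamAV 0.103.7/26781/Fri Jan 13 08:30:00 2023",
        "ClamAV 0.103.8/26819/Tue Feb 21 09:28:27 2023",
        "ClamAV 0.104.4/26781/Fri Jan 13 08:30:00 2023",
        "ClamAV 1.0.0/26781/Fri Jan 13 08:30:00 2023",
        "ClamAV 1.0.1/26819/Tue Feb 21 09:28:27 2023",
    ]
    for banner in samples:
        status = "fixed release" if has_fixes(banner) else "UPDATE NEEDED"
        print(f"{banner.split('/')[0]:<16} {status}")
```

Distribution packages may backport the fixes without changing the upstream version number, so for packaged builds the distribution's advisory page remains the authoritative source.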

Media reports cited above.