ALAS-2022-1621


Amazon Linux 1 Security Advisory: ALAS-2022-1621
Advisory Release Date: 2022-07-28 20:34 Pacific
Advisory Updated Date: 2022-08-04 22:33 Pacific
Severity: Important

Issue Overview:

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. (CVE-2022-20770)

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. (CVE-2022-20771)

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. (CVE-2022-20785)

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. (CVE-2022-20796)


Affected Packages:

clamav


Issue Correction:
Run yum update clamav to update your system.

New Packages:
i686:
    clamav-0.103.6-1.49.amzn1.i686
    clamav-db-0.103.6-1.49.amzn1.i686
    clamav-lib-0.103.6-1.49.amzn1.i686
    clamav-debuginfo-0.103.6-1.49.amzn1.i686
    clamav-devel-0.103.6-1.49.amzn1.i686
    clamav-update-0.103.6-1.49.amzn1.i686
    clamav-milter-0.103.6-1.49.amzn1.i686
    clamd-0.103.6-1.49.amzn1.i686

noarch:
    clamav-filesystem-0.103.6-1.49.amzn1.noarch
    clamav-data-0.103.6-1.49.amzn1.noarch

src:
    clamav-0.103.6-1.49.amzn1.src

x86_64:
    clamav-milter-0.103.6-1.49.amzn1.x86_64
    clamav-update-0.103.6-1.49.amzn1.x86_64
    clamd-0.103.6-1.49.amzn1.x86_64
    clamav-0.103.6-1.49.amzn1.x86_64
    clamav-db-0.103.6-1.49.amzn1.x86_64
    clamav-debuginfo-0.103.6-1.49.amzn1.x86_64
    clamav-devel-0.103.6-1.49.amzn1.x86_64
    clamav-lib-0.103.6-1.49.amzn1.x86_64
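
One way to confirm the correction took effect on a host, as an added example that is not part of the Amazon advisory: the script below flags any installed ClamAV package whose version-release is older than the 0.103.6-1.49.amzn1 build listed above. The function names and the sample lines are assumptions made for this example; the comparison uses sort -V as an approximation of RPM's version ordering and ignores epochs.

```shell
#!/usr/bin/env bash
# Added example (not from the advisory): audit ClamAV packages against ALAS-2022-1621.
FIXED="0.103.6-1.49.amzn1"   # version-release taken from the New Packages list

# Constructed sample input (not real host output), used when rpm is unavailable.
SAMPLE='clamav 0.103.5-1.0.amzn1
clamd 0.103.6-1.49.amzn1
zlib 0.1-1.example'

# Return 0 when version-release $1 is at or above $FIXED.
# sort -V approximates RPM version ordering; epochs are not considered.
is_fixed() {
    local lowest
    lowest=$(printf '%s\n%s\n' "$1" "$FIXED" | sort -V | head -n 1)
    [ "$lowest" = "$FIXED" ]
}

# Read "name version-release" lines on stdin and print the ClamAV packages
# that still need the update. Returns 1 if any were found, 0 otherwise.
audit_clamav() {
    local name evr status=0
    while read -r name evr; do
        case "$name" in
            clamav|clamav-*|clamd) ;;   # package names covered by the advisory
            *) continue ;;
        esac
        if ! is_fixed "$evr"; then
            printf 'VULNERABLE %s %s (needs >= %s)\n' "$name" "$evr" "$FIXED"
            status=1
        fi
    done
    return "$status"
}

# On a live host, feed the audit from the RPM database; otherwise use the sample.
if command -v rpm >/dev/null 2>&1; then
    rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' | audit_clamav \
        || echo "Update required: yum update clamav"
else
    printf '%s\n' "$SAMPLE" | audit_clamav \
        || echo "Update required: yum update clamav"
fi
```

Restart clamd and clamav-milter after updating so the running daemons load the patched library.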