Alpine: multiple clamav packages, multiple freshclam packages: security update to 0.99.4-r0

critical Tenable Self-Hosted Container Security Plugin ID 403853

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat
Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer
overflow can be caused in DataSize+CurChannel. The result is a negative value of the "DestPos" variable,
which allows the attacker to write out of bounds when setting Mem[DestPos]. (CVE-2012-6706)

- mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial
of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact
via a crafted CHM file. (CVE-2017-6419)

- The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other
products, allows remote attackers to cause a denial of service (stack-based buffer over-read and
application crash) via a crafted CAB file. (CVE-2017-11423)

- clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote
attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to
improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to
an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a
crafted .pdf file to an affected device. This action could cause an out-of-bounds read when ClamAV scans
the malicious file, allowing the attacker to cause a DoS condition. This concerns pdf_parse_array and
pdf_parse_string in libclamav/pdfng.c. Cisco Bug IDs: CSCvh91380, CSCvh91400. (CVE-2018-0202)

- ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser,
function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains..
This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability
appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6. (CVE-2018-1000085)

See Also

https://security.alpinelinux.org/vuln/CVE-2012-6706

https://security.alpinelinux.org/vuln/CVE-2017-11423

https://security.alpinelinux.org/vuln/CVE-2017-6419

https://security.alpinelinux.org/vuln/CVE-2018-0202

https://security.alpinelinux.org/vuln/CVE-2018-1000085

Plugin Details

Severity: Critical

ID: 403853

Version: Revision 1.27

Type: Local

Published: 10/31/2023

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 4.9

Percentile: 57.12

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2012-6706

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 6/22/2017

Reference Information

CVE: CVE-2012-6706, CVE-2017-11423, CVE-2017-6419, CVE-2018-0202, CVE-2018-1000085

BID: 100604