CVE-2018-1000085
- Source
- https://cve.org/CVERecord?id=CVE-2018-1000085
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000085.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-1000085
- Downstream
- Related
- Published
- 2018-03-13T15:29:01.113Z
- Modified
- 2026-03-15T14:29:10.319875Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xarhashcheck() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6.
- References
-
- https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html
- https://security.gentoo.org/glsa/201804-16
- https://usn.ubuntu.com/3592-1/
- https://usn.ubuntu.com/3592-2/
- http://www.openwall.com/lists/oss-security/2017/09/29/4
- https://github.com/Cisco-Talos/clamav-devel/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6
Affected packages
Git / github.com/cisco-talos/clamav
Affected versions
clamav-0.*
clamav-0.96
clamav-0.96.2
clamav-0.96.3
clamav-0.96.4
clamav-0.96.5
clamav-0.96rc1
clamav-0.96rc2
clamav-0.97
clamav-0.97rc
clamav-0.98-dmgxar
clamav-0.99-beta1
clamav-0.99.2
clamav-0.99.3
Other
merge-llvm-79908
merge-llvm-80601
merge-llvm-83242
merge-llvm-90002
merge-llvm-91214
merge-llvm-91428
merge-llvm-92222
merge-llvm-94539
merge-llvm-97877
r5076
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"function_hash": "302437638560747696844139406282562986575",
"length": 10960.0
},
"target": {
"file": "libclamav/xar.c",
"function": "cli_scanxar"
},
"id": "CVE-2018-1000085-015effc0",
"source": "https://github.com/cisco-talos/clamav/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"247597764637765560895560734648230331272",
"233478940305917888839353206860891865017",
"291845340389789391556425139398227654332",
"173097474370639997816406990494019218039",
"150741875967945160245749141335577763620",
"125521133216504670201589637509492630230",
"42065592967489338366826712056722904567",
"43240121562569999788429626213777549497",
"90155328056117316932756386691796066446",
"168318484604143330315988242109533229813",
"121008109033999617909588721069991758165",
"17199622387730959675814747787004939977",
"282548318721385229577842067367835242814",
"218737128531418054095216966149461638586",
"321775781371872758371778839765853953348",
"312703132995152401256841095311114778840",
"178700505956996711777231262140872410305",
"188590201292122104749775445857190518878",
"123691687544784850551619151306785479102",
"172414361667042496286410551563506558977",
"108030744114736745224831479596086927563",
"328429824626476919043316391022601512176",
"228178482982769473129419413126119323829",
"224399601828331823290230585737006694462",
"59851391690908149353415357800868486752",
"316157072640769944790577138248169275163",
"250722595330028821321530249793875016626",
"10196860906776902551605617182685130441",
"237553907301377577663299165605338814716",
"135411002344702096829710074990260957104",
"284322607355121819523885339522353524552",
"11395970100372586887477453408709028161",
"24485962961831835021122441471619144061",
"168106793482623093655761449384252617710",
"10421584585691625622396989087036936342",
"12366667420657729543255195680165041845",
"68874931906903818676478683601528044191",
"264285573761965215913150958510623417731",
"282602046180439193267757662236656615203",
"266016991789792119240600186126205442260",
"287819142356834980879766860843441853534",
"170993223081184813631496104177978628053",
"33605546038320093049505847909238343753",
"327412211466153263798598490441552586539",
"100954544420651195227903240354563733262",
"55062529749008598783540753224246544533",
"258790999424920418991899854587608074603",
"181929451878239691065136295070533081658",
"242997260607698503970440329812625612583",
"174789289163543142492966397373912346673",
"250024408928634273861120978129512661604",
"100137092834538741234895039451239310964",
"30222632178684947050796414905766896968",
"139582639462308437937754213688297809406",
"252914599300083165255235519706242992913",
"55936484036366103484183727625207267263",
"139935458871852420898816853567765566403",
"122562161703596118400782967989491939744",
"273827745782534108019258581641803479529",
"266473915891327149781941253228992897174",
"249462509194935403111496349338767544641",
"86142880210473640609472552770952140581",
"318734762474073187013740444153602160595",
"299791829520949384410623782686740741303",
"159094949552600504003991075484983863932",
"119478077549180008762246902018323034093",
"32351827583025332066354641557869339375",
"250024408928634273861120978129512661604",
"100137092834538741234895039451239310964",
"16809198567083278088094534618966079609",
"108770862932828944138174001266750144826",
"204597419057074453976092392380428711265",
"83485965279633341132527822814913781674",
"78820668911646758739678458311074406244",
"303893099674765093361714522429809513595",
"53872873552251604870598731183886407773",
"194393273374626379290770363056715458121",
"6076847226279250486347002786389503028",
"221482292810480829416696791787510849997",
"307154901834107143934991320426870555849",
"291359705103824660946269940939699344593",
"314471020745322607813221742286441177237",
"195957511671841385721179400069083559759",
"137480514318081555192870096671640544466",
"243045864902516921487956333524926737934",
"275866767593624683087670146039091768212",
"163283275632466369306301104830300245738"
]
},
"target": {
"file": "libclamav/xar.c"
},
"id": "CVE-2018-1000085-5d738bd3",
"source": "https://github.com/cisco-talos/clamav/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"function_hash": "95308915133599037269234113442706052026",
"length": 366.0
},
"target": {
"file": "libclamav/xar.c",
"function": "xar_hash_check"
},
"id": "CVE-2018-1000085-6c316faf",
"source": "https://github.com/cisco-talos/clamav/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"function_hash": "201022414640066503712727692343796089791",
"length": 1141.0
},
"target": {
"file": "libclamav/xar.c",
"function": "xar_get_checksum_values"
},
"id": "CVE-2018-1000085-7f19ccaa",
"source": "https://github.com/cisco-talos/clamav/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"function_hash": "238582205779040363762247100474330748160",
"length": 450.0
},
"target": {
"file": "libclamav/xar.c",
"function": "xar_get_numeric_from_xml_element"
},
"id": "CVE-2018-1000085-a4b2d293",
"source": "https://github.com/cisco-talos/clamav/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000085.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "12.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "14.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "17.10"
}
]
}
]