OSV-2025-248
See a problem?- Import Source
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/clamav/OSV-2025-248.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/OSV-2025-248
- Published
- 2025-04-02T00:00:13.427589Z
- Modified
- 2025-04-02T00:00:13.428120Z
- Summary
- Heap-buffer-overflow in cli_bm_addpatt
- Details
-
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=407448850
Crash type: Heap-buffer-overflow READ 1 Crash state: cli_bm_addpatt add_hash load_regex_matcher - References
Affected packages
OSS-Fuzz / clamav
Package
- Name
- clamav
- Purl
- pkg:generic/clamav
Affected versions
clamav-0.*
clamav-0.104.3
clamav-0.104.4
clamav-0.105.0
clamav-0.105.0-rc
clamav-0.105.0-rc2
clamav-0.105.1
clamav-0.105.2
clamav-1.*
clamav-1.0.0
clamav-1.0.0-rc
clamav-1.0.0-rc2
clamav-1.0.1
clamav-1.0.2
clamav-1.0.3
clamav-1.0.4
clamav-1.0.5
clamav-1.0.6
clamav-1.0.7
clamav-1.0.8
clamav-1.1.0
clamav-1.1.0-rc
clamav-1.1.1
clamav-1.1.2
clamav-1.1.3
clamav-1.2.0
clamav-1.2.0-rc
clamav-1.2.1
clamav-1.2.2
clamav-1.2.3
clamav-1.3.0
clamav-1.3.0-rc
clamav-1.3.0-rc2
clamav-1.3.1
clamav-1.3.2
clamav-1.4.0
clamav-1.4.0-rc
clamav-1.4.1
clamav-1.4.2
clamav-1.5.0-beta
Database specific
fixed_range
"640413d9c5c116a9cbf07bc864162aa0745d38af:e86919789fa7550445bdac9dc5357168cfba4754"
source
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/clamav/OSV-2025-248.yaml"
introduced_range
"d9a584b39fb694adc5740b666cba0242b55f774a:0037f5825b0b17a789c7eb29c9cb9a2d39c452bc"