ClamAV 0.94.2 resolves buffer overflow when scanning JPGs
With the release of version 0.94.2, the developers of ClamAV have fixed a flaw that could crash the scanner when it is parsing malformed jpegs. This is caused by a recursive buffer overflow that occurs when scanning thumbnails contained in the images. The thumbnails themselves are jpegs, and they are checked by the same ClamAV function cli_check_jpeg_exploit in libclamav/special.c used to check the original images.
The report says that the thumbnail can contain a further thumbnail which, because there are no recursion limits, will result in an overflow if malformed images are scanned. The update sets a recursion limit.
ClamAV has been using Twitter since the beginning of November to keep users informed of the latest developments, such as the release of new signatures.
See also:
- File Release Notes and Changelog, details of ClamAV 0.94.2
- recursive stack overflow in jpeg parsing code, security advisory in ClamAV database
(djwm)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
