
Cloud Vulnerability DB
A community-led vulnerabilities database
A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability was discovered and reported by OSS-Fuzz and was assigned CVE-2024-20505 (NVD, ClamAV Blog).
The vulnerability is due to an out-of-bounds read in the PDF file parser. The issue has been assigned a CVSS v3.1 base score of 7.5 HIGH (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) by NIST NVD, while Cisco Systems assessed it with a score of 4.0 MEDIUM (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). The vulnerability is tracked as CWE-125 (Out-of-bounds Read) (NVD).
An exploit could allow the attacker to terminate the scanning process, resulting in a denial of service (DoS) condition on the affected device. The vulnerability affects the PDF scanning functionality of ClamAV, potentially disrupting antivirus scanning operations (NVD).
The vulnerability has been fixed in ClamAV versions 1.4.1, 1.3.2, 1.0.7, and 0.103.12. Users are advised to upgrade to these patched versions to address the security issue. The fix addresses the out-of-bounds read bug in the PDF file parser (ClamAV Blog).
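The following added example (not part of the advisory or of ClamAV) triages `clamscan --version` banners against the fixed releases listed above. The function names, status labels and sample banners are assumptions made for illustration; 1.3.2 is reported separately because this page names it in both the affected and the fixed list.

```python
import re

# Fixed release per branch, as listed in the advisory text above.
FIXED = {(1, 4): (1, 4, 1), (1, 3): (1, 3, 2), (1, 0): (1, 0, 7), (0, 103): (0, 103, 12)}
# 1.3.2 appears in both the affected list and the fixed list on this page.
CONFLICTING = {(1, 3, 2)}

def parse_banner(banner):
    """Return (major, minor, patch) from e.g. 'ClamAV 1.3.1/27390/Mon Sep ...'."""
    m = re.match(r"\s*ClamAV\s+(\d+)\.(\d+)(?:\.(\d+))?", banner)
    if m is None:
        raise ValueError(f"not a ClamAV version banner: {banner!r}")
    return tuple(int(part or 0) for part in m.groups())

def triage(banner):
    """Classify a banner as 'patched', 'affected', 'conflicting' or 'not-listed'."""
    version = parse_banner(banner)
    if version in CONFLICTING:
        return "conflicting"  # confirm against the vendor advisory before closing
    fixed = FIXED.get(version[:2])
    if fixed is not None:
        return "patched" if version >= fixed else "affected"
    if version > max(FIXED.values()):
        return "not-listed"  # newer than any release the page names
    # Assumption: branches with no fixed release in the list (1.2.x, 0.105.x,
    # 0.104.x, anything older than 0.103.x, and unlisted ones such as 1.1.x)
    # are treated as affected and need a move to a fixed branch.
    return "affected"

def triage_fleet(inventory):
    """Map host -> status for a {host: banner} inventory."""
    return {host: triage(banner) for host, banner in inventory.items()}

if __name__ == "__main__":
    # Constructed sample inventory; hostnames and banners are illustrative only.
    sample = {
        "mail-gw-01": "ClamAV 1.4.0/27390/Mon Sep  2 10:31:00 2024",
        "mail-gw-02": "ClamAV 1.0.7/27391/Tue Sep  3 10:29:00 2024",
        "scan-01": "ClamAV 1.2.3/27380/Fri Aug 23 10:33:00 2024",
        "scan-02": "ClamAV 1.3.2/27391/Tue Sep  3 10:29:00 2024",
    }
    for host, status in triage_fleet(sample).items():
        print(f"{host}: {status}")
```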
Source: This report was generated using AI