Launchpad.net

CVE 2018-15378

A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file.

Related bugs and status

CVE-2018-15378 (Candidate) is related to these bugs:

Bug #1792544: demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)

		In	Importance	Status
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	pcre3 (Ubuntu)	Undecided	Confirmed
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	aide (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	apache2 (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	apr-util (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	clamav (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	exim4 (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	freeradius (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	git (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	glib2.0 (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	grep (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	haproxy (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	libpam-mount (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	libselinux (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	nginx (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	nmap (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	php7.2 (Ubuntu)	Undecided	Won't Fix
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	postfix (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	python-pyscss (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	quagga (Ubuntu)	Undecided	Invalid
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	rasqal (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	slang2 (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	sssd (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	wget (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	zsh (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	php-defaults (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	vte2.91 (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	systemd (Ubuntu)	Undecided	Invalid
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	anope (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	tilix (Ubuntu)	Undecided	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	zsh (Debian)	Unknown	Fix Released
1792544	demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)	postfix (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2018-15378

Related bugs and status

Related bugs

References