<Vulnerability name="CVE-2026-20213">
    <DocumentDistribution xml:lang="en">Copyright © 2012 Red Hat, Inc. All rights reserved.</DocumentDistribution>
    <ThreatSeverity>Important</ThreatSeverity>
    <PublicDate>2026-07-01T16:27:38</PublicDate>
    <Bugzilla id="2496085" url="https://bugzilla.redhat.com/show_bug.cgi?id=2496085" xml:lang="en:us">
ClamAV: ClamAV: Denial of Service via crafted Portable Executable (PE) files
    </Bugzilla>
    <CVSS3 status="draft">
        <CVSS3BaseScore>7.5</CVSS3BaseScore>
        <CVSS3ScoringVector>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</CVSS3ScoringVector>
    </CVSS3>
    <CWE>CWE-787</CWE>
    <Details xml:lang="en:us" source="Mitre">
A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.

This vulnerability is due to improper boundary checks for content in PE files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PE content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    </Details>
    <Details xml:lang="en:us" source="Red Hat">
A flaw was found in ClamAV. An unauthenticated, remote attacker could exploit this vulnerability by submitting a specially crafted file containing Portable Executable (PE) content for scanning. This is due to improper boundary checks during the scanning process, which may lead to an out-of-bounds buffer write and memory corruption. A successful exploit could result in a Denial of Service (DoS) condition, causing the ClamAV scanning process to terminate.
    </Details>
    <Statement xml:lang="en:us">
This is an Important flaw in ClamAV's PE file parser, allowing an unauthenticated, remote attacker to trigger a Denial of Service by submitting a crafted PE file for scanning. The vulnerability stems from improper boundary checks, leading to memory corruption and termination of the scanning process. This could impact systems where ClamAV is deployed to scan untrusted Portable Executable content.
    </Statement>
    <Mitigation xml:lang="en:us">
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
    </Mitigation>
    <References xml:lang="en:us">
https://www.cve.org/CVERecord?id=CVE-2026-20213
https://nvd.nist.gov/vuln/detail/CVE-2026-20213
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR
    </References>
</Vulnerability>