CVE-2021-40837
Denial-of-Service (DoS) Vulnerability
More information
A vulnerability affecting WithSecure™ antivirus engine was discovered whereby decompression of ACE file causes the scanner service to stop. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.
This issue was reported to WithSecure™ through the Vulnerability Reward Program. No known exploit or attack has been seen in the wild.
Contributors
WithSecure Corporation would like to thank following person for bringing this issue to our attention.
faty420
Twitter- Denial-of-Service of the antivirus engine when decompression of ACE file.
- Fixed
- Medium
- No User action is required. The required fix has been published through automatic update channel with Capricorn update 2022-02-01_01
- WithSecure™ All F-Secure Endpoint Protection products on Windows and Mac WithSecure™ Linux Security (32-bit) WithSecure™ Linux Security 64 WithSecure™ Atlant WithSecure™ Internet Gatekeeper WithSecure™ Security Cloud
- Affected platforms all supported platforms for the affected products
- 9/2/2022
Description
Status
Risk level
Fix
Affected products
Platforms
Date issued
- Security advisories
- 2021
- Medium