vulnerability
Arch Linux: Untrusted Pointer Dereference (CVE-2022-20796)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:N/I:N/A:C) | May 4, 2022 | Jul 11, 2025 | Nov 27, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:C)
Published
May 4, 2022
Added
Jul 11, 2025
Modified
Nov 27, 2025
Description
possible NULL-pointer dereference crash in the scan verdict cache check
Solution
arch-linux-upgrade-latest
References
- CVE-2022-20796
- https://attackerkb.com/topics/CVE-2022-20796
- URL-https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html
- URL-https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html
- URL-https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/
- URL-https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/
- URL-https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/
- URL-https://security.gentoo.org/glsa/202310-01
- URL-https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-vL9x58p4
- CWE-822
- CWE-476
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.