USN-7011-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that ClamAV incorrectly handled certain PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2024-20505)
It was discovered that ClamAV incorrectly handled logfile privileges. A local attacker could use this issue to cause ClamAV to overwrite arbitrary files, possibly leading to privilege escalation. (CVE-2024-20506)
{ "binaries": [ { "binary_version": "0.103.12+dfsg-0ubuntu0.16.04.1+esm1", "binary_name": "clamav" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.16.04.1+esm1", "binary_name": "clamav-base" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.16.04.1+esm1", "binary_name": "clamav-daemon" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.16.04.1+esm1", "binary_name": "clamav-docs" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.16.04.1+esm1", "binary_name": "clamav-freshclam" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.16.04.1+esm1", "binary_name": "clamav-milter" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.16.04.1+esm1", "binary_name": "clamav-testfiles" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.16.04.1+esm1", "binary_name": "clamdscan" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.16.04.1+esm1", "binary_name": "libclamav-dev" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.16.04.1+esm1", "binary_name": "libclamav9" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "binaries": [ { "binary_version": "0.103.12+dfsg-0ubuntu0.18.04.1+esm1", "binary_name": "clamav" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.18.04.1+esm1", "binary_name": "clamav-base" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.18.04.1+esm1", "binary_name": "clamav-daemon" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.18.04.1+esm1", "binary_name": "clamav-docs" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.18.04.1+esm1", "binary_name": "clamav-freshclam" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.18.04.1+esm1", "binary_name": "clamav-milter" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.18.04.1+esm1", "binary_name": "clamav-testfiles" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.18.04.1+esm1", "binary_name": "clamdscan" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.18.04.1+esm1", "binary_name": "libclamav-dev" }, { "binary_version": "0.103.12+dfsg-0ubuntu0.18.04.1+esm1", "binary_name": "libclamav9" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }