ClamAV Vulnerabilities Fixed in Ubuntu 16.04 and Ubuntu 18.04

by Rohan Timalsina

October 7, 2024 - TuxCare expert team

Two security vulnerabilities were discovered in ClamAV, a widely used antivirus software for Linux systems. These issues could allow attackers to compromise the security of your system and potentially gain unauthorized access to sensitive data. In this article, we explore the details of these vulnerabilities and provide guidance on how to secure your Ubuntu 16.04 and Ubuntu 18.04 systems.

ClamAV Vulnerabilities Overview


CVE-2024-20505

A critical flaw in the PDF parsing module of ClamAV was discovered. This issue exists in ClamAV versions 1.4.0, 1.3.2, and all earlier versions, including 1.2.x, 1.0.6, 0.105.x, 0.104.x, and 0.103.11. The vulnerability allows remote attackers to crash ClamAV by sending a specially crafted PDF file for scanning. The crash results from an out-of-bounds read in the PDF module, which leads to a denial of service (DoS) condition.


CVE-2024-20506

The second vulnerability involved the mishandling of logfile privileges in the ClamD service modules of ClamAV. This issue, affecting the same versions as CVE-2024-20505, enables local attackers to corrupt critical system files by exploiting improper logfile handling. The flaw allows an attacker to replace the ClamD log file with a symbolic link (symlink) pointing to a system-critical file. Upon restart, ClamD appends log messages to the targeted file, potentially corrupting vital system functions. This vulnerability could allow a local attacker to overwrite arbitrary files, potentially leading to privilege escalation.
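The following is an added example, not code from the ClamAV project or the original article, showing the defensive side of the log-file issue described above: it verifies that the configured ClamD log path (assumed to be the `LogFile` value from clamd.conf; the paths here are constructed in a temporary directory) is a regular file rather than a symlink, and shows how appending with `O_NOFOLLOW` refuses to write through a planted link.

```python
import os
import stat
import tempfile


def check_logfile(path: str) -> list[str]:
    """Return findings about the configured log path; empty means it looks safe."""
    findings = []
    if not os.path.lexists(path):
        return findings  # a missing log file is created fresh on first append
    st = os.lstat(path)  # lstat: inspect the path itself, never its target
    if stat.S_ISLNK(st.st_mode):
        findings.append(f"{path} is a symbolic link -> {os.readlink(path)}")
    elif not stat.S_ISREG(st.st_mode):
        findings.append(f"{path} is not a regular file")
    parent = os.lstat(os.path.dirname(path) or ".")
    if parent.st_mode & stat.S_IWOTH and not parent.st_mode & stat.S_ISVTX:
        findings.append("log directory is world-writable without the sticky bit")
    return findings


def append_log_nofollow(path: str, message: str) -> int:
    """Append without following symlinks; raises OSError (ELOOP) on a link."""
    flags = os.O_WRONLY | os.O_APPEND | os.O_CREAT | os.O_NOFOLLOW
    fd = os.open(path, flags, 0o640)
    try:
        return os.write(fd, message.encode())
    finally:
        os.close(fd)


def demo() -> dict:
    """Constructed scenario: a normal log path and one replaced by a symlink."""
    d = tempfile.mkdtemp()
    good = os.path.join(d, "clamd.log")
    target = os.path.join(d, "important.conf")  # stands in for a system file
    with open(target, "w") as f:
        f.write("keep me\n")
    linked = os.path.join(d, "clamd-linked.log")
    os.symlink(target, linked)
    result = {"good": check_logfile(good), "linked": check_logfile(linked)}
    try:
        append_log_nofollow(linked, "log line\n")
        result["append_followed"] = True
    except OSError:
        result["append_followed"] = False
    with open(target) as f:
        result["target_intact"] = f.read() == "keep me\n"
    return result
```

Running `demo()` returns no findings for the plain path, one symlink finding for the replaced path, and confirms the stand-in system file was left untouched.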


Protecting Your System


To protect your system from these vulnerabilities, it’s essential to apply the latest security updates from your Linux distribution. Many distributions, including Ubuntu, have released updates that address these issues.

For Ubuntu users, Canonical has issued the necessary fixes for Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. However, it’s important to note that Ubuntu 16.04 and 18.04 have reached their end-of-life, and security support is only available through Ubuntu Pro or alternative solutions.

TuxCare’s Extended Lifecycle Support (ELS) offers an affordable option for those still using Ubuntu 16.04 or Ubuntu 18.04. ELS provides five additional years of automated vulnerability patches, ensuring that your system remains secure even after the official end-of-life. TuxCare’s ELS patches over 140 packages, including critical ones like the Linux kernel, Apache, OpenSSL, and Python.

Extended Lifecycle Support is also available for CentOS 6, CentOS 7, CentOS 8, CentOS Stream 8, Oracle Linux 6, and Oracle Linux 7.

By staying up-to-date with security patches and considering options like TuxCare’s ELS, you can help protect your system from the vulnerabilities that threaten ClamAV.


Source: USN-7011-2
