Read Time:27 Second
USN-7011-1 fixed several vulnerabilities in ClamAV. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that ClamAV incorrectly handled certain PDF files. A
remote attacker could possibly use this issue to cause ClamAV to crash,
resulting in a denial of service. (CVE-2024-20505)
It was discovered that ClamAV incorrectly handled logfile privileges. A
local attacker could use this issue to cause ClamAV to overwrite arbitrary
files, possibly leading to privilege escalation. (CVE-2024-20506)