what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-6636-1

Ubuntu Security Notice USN-6636-1
Posted Feb 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6636-1 - It was discovered that ClamAV incorrectly handled parsing certain OLE2 files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Amit Schendel discovered that the ClamAV ClamD service incorrectly handled the VirusEvent feature. An attacker able to connect to ClamD could possibly use this issue to execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20290, CVE-2024-20328
SHA-256 | 4233521b1bfeb5ef13d5d7a96d44be5ec9fab356eb2b34b1c3a131adc45c3065

Ubuntu Security Notice USN-6636-1

Change Mirror Download
==========================================================================
Ubuntu Security Notice USN-6636-1
February 14, 2024

clamav vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10

Summary:

Several security issues were fixed in ClamAV.

Software Description:
- clamav: Anti-virus utility for Unix

Details:

It was discovered that ClamAV incorrectly handled parsing certain OLE2
files. A remote attacker could possibly use this issue to cause ClamAV to
crash, resulting in a denial of service. (CVE-2024-20290)

Amit Schendel discovered that the ClamAV ClamD service incorrectly handled
the VirusEvent feature. An attacker able to connect to ClamD could possibly
use this issue to execute arbitrary code. (CVE-2024-20328)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
clamav 1.0.5+dfsg-0ubuntu0.23.10.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://ubuntu.com/security/notices/USN-6636-1
CVE-2024-20290, CVE-2024-20328

Package Information:
https://launchpad.net/ubuntu/+source/clamav/1.0.5+dfsg-0ubuntu0.23.10.1

Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close