SUSE-SU-2025:0325-1

Source
https://www.suse.com/support/update/announcement/2025/suse-su-20250325-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:0325-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2025:0325-1
Published
2025-02-03T09:39:04Z
Modified
2025-05-02T04:29:53.228930Z
Upstream
  • CVE-2024-20380
Summary
Security update for clamav
Details

This update for clamav fixes the following issues:

  • New version 1.4.2:
    • CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service (DoS) condition.
  • Start clamonacc with --fdpass to avoid errors due to clamd not being able to access user files. (bsc#1232242)
  • New version 1.4.1:
    • https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html
  • New version 1.4.0:
    • Added support for extracting ALZ archives.
    • Added support for extracting LHA/LZH archives.
    • Added the ability to disable image fuzzy hashing, if needed. For context, image fuzzy hashing is a detection mechanism useful for identifying malware by matching images included with the malware or phishing email/document.
    • https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html
  • New version 1.3.2:
    • CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the 'clamd' or 'freshclam' services from using a symlink to corrupt system files.
    • CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service condition.
    • Removed unused Python modules from freshclam tests including deprecated 'cgi' module that is expected to cause test failures in Python 3.13.
    • Fix unit test caused by expiring signing certificate.
    • Fixed a build issue on Windows with newer versions of Rust. Also upgraded GitHub Actions imports to fix CI failures.
    • Fixed an unaligned pointer dereference issue on select architectures.
    • Fixes to Jenkins CI pipeline.
  • New version 1.3.1:
    • CVE-2024-20380: Fixed a possible crash in the HTML file parser that could cause a denial-of-service (DoS) condition.
    • Updated select Rust dependencies to the latest versions.
    • Fixed a bug causing some text to be truncated when converting from UTF-16.
    • Fixed assorted complaints identified by Coverity static analysis.
    • Fixed a bug causing CVDs downloaded by the DatabaseCustomURL
    • Added the new 'valhalla' database name to the list of optional databases in preparation for future work.
  • New version 1.3.0:
    • Added support for extracting and scanning attachments found in Microsoft OneNote section files. OneNote parsing will be enabled by default, but may be optionally disabled.
    • Added file type recognition for compiled Python ('.pyc') files.
    • Improved support for decrypting PDFs with empty passwords.
    • Fixed a warning when scanning some HTML files.
    • ClamOnAcc: Fixed an infinite loop when a watched directory does not exist.
    • ClamOnAcc: Fixed an infinite loop when a file has been deleted before a scan.
  • New version 1.2.0:
    • Added support for extracting Universal Disk Format (UDF) partitions.
    • Added an option to customize the size of ClamAV's clean file cache.
    • Raised the MaxScanSize limit so the total amount of data scanned when scanning a file or archive may exceed 4 gigabytes.
    • Added ability for Freshclam to use a client certificate PEM file and a private key PEM file for authentication to a private mirror.
    • Fix an issue extracting files from ISO9660 partitions where the files are listed in the plain ISO tree and there also exists an empty Joliet tree.
    • PID and socket are now located under /run/clamav/clamd.pid and /run/clamav/clamd.sock.
    • bsc#1211594: Fixed an issue where ClamAV does not abort the signature load process after partially loading an invalid signature.
  • New version 1.1.0:
    • https://blog.clamav.net/2023/05/clamav-110-released.html
    • Added the ability to extract images embedded in HTML CSS <style> blocks.
    • Updated to Sigtool so that the '--vba' option will extract VBA code from Microsoft Office documents the same way that libclamav extracts VBA.
    • Added a new option --fail-if-cvd-older-than=days to clamscan and clamd, and FailIfCvdOlderThan to clamd.conf
    • Added a new function 'cl_cvdgetage()' to the libclamav API.
    • Added a new function 'cl_engine_set_clcb_vba()' to the libclamav API.
  • bsc#1180296: Integrate clamonacc as a service.
  • New version 1.0.1 LTS (including changes in 0.104 and 0.105):
    • As of ClamAV 0.104, CMake is required to build ClamAV.
    • As of ClamAV 0.105, Rust is now required to compile ClamAV.
    • Increased the default limits for file and scan size:
      • MaxScanSize: 100M to 400M
      • MaxFileSize: 25M to 100M
      • StreamMaxLength: 25M to 100M
      • PCREMaxFileSize: 25M to 100M
      • MaxEmbeddedPE: 10M to 40M
      • MaxHTMLNormalize: 10M to 40M
      • MaxScriptNormalize: 5M to 20M
      • MaxHTMLNoTags: 2M to 8M
    • Added image fuzzy hash subsignatures for logical signatures.
    • Support for decrypting read-only OLE2-based XLS files that are encrypted with the default password.
    • Overhauled the implementation of the all-match feature.
    • Added a new callback to the public API for inspecting file content during a scan at each layer of archive extraction.
    • Added a new function to the public API for unpacking CVD signature archives.
    • The option to build with an external TomsFastMath library has been removed. ClamAV requires non-default build options for TomsFastMath to support bigger floating point numbers.
    • For a full list of changes see the release announcements:
      • https://blog.clamav.net/2022/11/clamav-100-lts-released.html
      • https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html
      • https://blog.clamav.net/2021/09/clamav-01040-released.html
  • Build clamd with systemd support.
  • CVE-2023-20197: Fixed a possible denial of service vulnerability in the HFS+ file parser. (bsc#1214342)
  • CVE-2018-14679: Fixed that an issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized da (bsc#1103032)
  • Package huge .html documentation in a separate subpackage.
  • Update to 0.103.7 (bsc#1202986)
    • Zip parser: tolerate 2-byte overlap in file entries
    • Fix bug with logical signature Intermediates feature
    • Update to UnRAR v6.1.7
    • Patch UnRAR: allow skipping files in solid archives
    • Patch UnRAR: limit dict winsize to 1GB
  • Use a split-provides for clamav-milter instead of recommending it.
  • Package clamav-milter in a subpackage
  • Remove virus signatures upon uninstall
  • Check for database existence before starting clamd
  • Restart clamd when it exits
  • Don't daemonize freshclam, but use a systemd timer instead to trigger updates

Affected packages

SUSE:Linux Enterprise Micro 5.5 / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP3-LTSS / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP4-LTSS / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP5-LTSS / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP3 / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP4 / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP5 / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Manager Proxy 4.3 / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Manager%20Proxy%204.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Manager Server 4.3 / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Manager%20Server%204.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}

SUSE:Enterprise Storage 7.1 / clamav

Package

Name
clamav
Purl
pkg:rpm/suse/clamav&distro=SUSE%20Enterprise%20Storage%207.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.4.2-150200.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "1.4.2-150200.8.3.1",
            "libclammspack0": "1.4.2-150200.8.3.1",
            "clamav-milter": "1.4.2-150200.8.3.1",
            "libclamav12": "1.4.2-150200.8.3.1",
            "libfreshclam3": "1.4.2-150200.8.3.1",
            "clamav-docs-html": "1.4.2-150200.8.3.1",
            "clamav-devel": "1.4.2-150200.8.3.1"
        }
    ]
}