{"id":"CLSA-2025-1756923561","summary":"clamav: Fix of 8 CVEs","details":"- Update to 1.0.9 LTS version\n- CVE-2025-20260: Fixed a possible buffer overflow write bug in\n  the PDF file parser\n- CVE-2025-20128: Fixed a possible buffer overflow read bug in\n  the OLE2 file parser\n- CVE-2024-20506: Changed the logging module to disable following\n  symlinks on Linux and Unix systems so as to prevent an attacker\n  with existing access to the 'clamd' or 'freshclam' services from\n  using a symlink to corrupt system files\n- CVE-2024-20290: Fixed a possible heap overflow read bug in\n  the OLE2 file parser\n- CVE-2024-20328: Fixed a possible command injection in the\n  'VirusEvent' feature of the clamd service\n- CVE-2023-20197: Fixed a possible denial of service in the\n  HFS+ parser\n- CVE-2023-20212: Fixed a possible DoS in the AutoIT file\n  parser\n- CVE-2023-20052: Fixed a possible remote information leak\n  in the DMG file parser","modified":"2026-05-27T11:35:17.371786705Z","published":"2025-09-03T18:19:25Z","upstream":["CVE-2023-20052","CVE-2023-20197","CVE-2023-20212","CVE-2024-20290","CVE-2024-20328","CVE-2024-20506","CVE-2025-20128","CVE-2025-20260"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/centos6els/CLSA-2025-1756923561.html"}],"affected":[{"package":{"name":"clamav","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/clamav?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.9-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"}},{"package":{"name":"clamav-data","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/clamav-data?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.9-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"}},{"package":{"name":"clamav-devel","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/clamav-devel?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.9-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"}},{"package":{"name":"clamav-doc","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/clamav-doc?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.9-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"}},{"package":{"name":"clamav-filesystem","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/clamav-filesystem?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.9-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"}},{"package":{"name":"clamav-freshclam","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/clamav-freshclam?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.9-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"}},{"package":{"name":"clamav-lib","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/clamav-lib?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.9-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"}},{"package":{"name":"clamav-milter","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/clamav-milter?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.9-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"}},{"package":{"name":"clamd","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/clamd?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.9-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"}}],"schema_version":"1.7.5"}