Test ID: 1.3.6.1.4.1.25623.1.0.857025
Category: openSUSE Local Security Checks
Title: openSUSE Security Advisory (SUSE-SU-2025:0327-1)
Summary: The remote host is missing an update for the 'clamav' package(s) announced via the SUSE-SU-2025:0327-1 advisory.
Description:

Vulnerability Insight:
This update for clamav fixes the following issues:

New version 1.4.2:

* CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow
read bug in the OLE2 file parser that could cause a
denial-of-service (DoS) condition.

- Start clamonacc with --fdpass to avoid errors due to
clamd not being able to access user files. (bsc#1232242)

- New version 1.4.1:

* [link moved to references]

- New version 1.4.0:

* Added support for extracting ALZ archives.
* Added support for extracting LHA/LZH archives.
* Added the ability to disable image fuzzy hashing, if needed.
For context, image fuzzy hashing is a detection mechanism
useful for identifying malware by matching images included with
the malware or phishing email/document.
* [link moved to references]

- New version 1.3.2:

* CVE-2024-20506: Changed the logging module to disable following
symlinks on Linux and Unix systems so as to prevent an attacker
with existing access to the 'clamd' or 'freshclam' services from
using a symlink to corrupt system files.
* CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF
file parser that could cause a denial-of-service condition.
* Removed unused Python modules from freshclam tests including
deprecated 'cgi' module that is expected to cause test failures in
Python 3.13.
* Fix unit test caused by expiring signing certificate.
* Fixed a build issue on Windows with newer versions of Rust. Also
upgraded GitHub Actions imports to fix CI failures.
* Fixed an unaligned pointer dereference issue on select architectures.
* Fixes to Jenkins CI pipeline.


- New Version: 1.3.1:

* CVE-2024-20380: Fixed a possible crash in the HTML file parser
that could cause a denial-of-service (DoS) condition.
* Updated select Rust dependencies to the latest versions.
* Fixed a bug causing some text to be truncated when converting
from UTF-16.
* Fixed assorted complaints identified by Coverity static
analysis.
* Fixed a bug causing CVDs downloaded by the DatabaseCustomURL
* Added the new 'valhalla' database name to the list of optional
databases in preparation for future work.

- New version: 1.3.0:

* Added support for extracting and scanning attachments found in
Microsoft OneNote section files. OneNote parsing will be
enabled by default, but may be optionally disabled.
* Added file type recognition for compiled Python ('.pyc') files.
* Improved support for decrypting PDFs with empty passwords.
* Fixed a warning when scanning some HTML files.
* ClamOnAcc: Fixed an infinite loop when a watched directory
does not exist.
* ClamOnAcc: Fixed an infinite loop when a file has been deleted
before a scan.

- New version: 1.2.0:

* Added support for extracting Universal Disk Format (UDF)
partitions.
* Added an option to customize the size of ClamAV's clean file
cache.
* Raised the MaxScanSize limit so the total amount of data
scanned when scanning a file ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'clamav' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2018-14679
Debian Security Information: DSA-4260
https://www.debian.org/security/2018/dsa-4260
https://security.gentoo.org/glsa/201903-20
http://www.openwall.com/lists/oss-security/2018/07/26/1
https://bugs.debian.org/904802
https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a
https://lists.debian.org/debian-lts-announce/2018/08/msg00007.html
RedHat Security Advisories: RHSA-2018:3327
https://access.redhat.com/errata/RHSA-2018:3327
RedHat Security Advisories: RHSA-2018:3505
https://access.redhat.com/errata/RHSA-2018:3505
http://www.securitytracker.com/id/1041410
https://usn.ubuntu.com/3728-1/
https://usn.ubuntu.com/3728-2/
https://usn.ubuntu.com/3728-3/
https://usn.ubuntu.com/3789-2/
Common Vulnerability Exposure (CVE) ID: CVE-2023-20197
cisco-sa-clamav-rNwNEEee
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-rNwNEEee
Common Vulnerability Exposure (CVE) ID: CVE-2024-20380
https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.html
Common Vulnerability Exposure (CVE) ID: CVE-2024-20505
Common Vulnerability Exposure (CVE) ID: CVE-2024-20506
Common Vulnerability Exposure (CVE) ID: CVE-2025-20128
Copyright: Copyright (C) 2025 Greenbone AG
