Detections
Analytics
Fedora 38 : clamav (2024-92b8ac25a5)
high Nessus Plugin ID 194985
Language:
Synopsis
The remote Fedora host is missing one or more security updates.Description
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-92b8ac25a5 advisory.- ClamAV 1.0.6 is a critical patch release with the following fixes: * Updated select Rust dependencies to the latest versions. This resolved Cargo audit complaints and included PNG parser bug fixes. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1225> * Fixed a bug causing some text to be truncated when converting from UTF-16. * GitHub pull request<https://github.com/Cisco- Talos/clamav/pull/1232> * Fixed assorted complaints identified by Coverity static analysis. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1237> * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL Freshclam config option to be pruned and then re-downloaded with every update. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1240> * Added the new 'valhalla' database name to the list of optional databases in preparation for future work. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1240> * Silenced a warning Unexpected early end-of-file that occured when scanning some PNG files. * GitHub pull request<https://github.com/Cisco-Talos/clamav/pull/1216> (FEDORA-2024-92b8ac25a5)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected clamav package.See Also
https://bodhi.fedoraproject.org/updates/FEDORA-2024-92b8ac25a5
Plugin Details
Severity: High
ID: 194985
File Name: fedora_2024-92b8ac25a5.nasl
Version: 1.0
Type: local
Agent: unix
Family: Fedora Local Security Checks
Published: 5/5/2024
Updated: 5/5/2024
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus
Vulnerability Information
CPE: cpe:/o:fedoraproject:fedora:38, p-cpe:/a:fedoraproject:fedora:clamav
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 4/26/2024
Vulnerability Publication Date: 4/26/2024
Reference Information
FEDORA: 2024-92b8ac25a5