Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

openSUSE ClamAV Important Buffer Overflow and DoS Issues 2026-21252-1

opensuse
Calendar Grey July 8, 2026
Dist Opensuse Esm H88
Severity update for clamav in openSUSE fixes 8 security issues including buffer overflow and DoS vulnerabilities. Install recommended patches.
An update that solves 8 vulnerabilities and has 8 bug fixes can now be installed.

Description

This update for clamav fixes the following issues:

Update to version 1.5.3.

Security issues fixed:

- CVE-2026-20213: out-of-bounds write due to improper boundary checks for content in PE files during scanning

(bsc#1270107).

- CVE-2026-20214: out-of-bounds write due to improper boundary checks for content in FSG files during scanning

(bsc#1270085).

- CVE-2026-20215: out-of-bounds write due to improper boundary checks for content in 7z files during scanning

(bsc#1270088).

- CVE-2026-20216: denial of service due to improper handling of temporary resources during InstallShield file scanning

(bsc#1270089).

- CVE-2026-20217: out-of-bounds write due to improper boundary checks for content in PESpin files during scanning

(bsc#1270091).

- CVE-2026-20243: out-of-bounds write due to improper boundary checks for content in ALZ files during scanning

(bsc#1270092).

- CVE-2026-20244: integer overflow and DoS due to improper boundary checks for content in DMG files during scanning

...

Read the Full Advisory

Patch

Package List

- openSUSE Leap 16.0:

clamav-1.5.3-160000.1.1

clamav-devel-1.5.3-160000.1.1

clamav-docs-html-1.5.3-160000.1.1

clamav-milter-1.5.3-160000.1.1

libclamav12-1.5.3-160000.1.1

libclammspack0-1.5.3-160000.1.1

libfreshclam4-1.5.3-160000.1.1

References

* bsc#1270085

* bsc#1270088

* bsc#1270089

* bsc#1270091

* bsc#1270092

* bsc#1270106

* bsc#1270107

* bsc#1270138

References:

* https://www.suse.com/security/cve/CVE-2026-20213.html

* https://www.suse.com/security/cve/CVE-2026-20214.html

* https://www.suse.com/security/cve/CVE-2026-20215.html

* https://www.suse.com/security/cve/CVE-2026-20216.html

* https://www.suse.com/security/cve/CVE-2026-20217.html

* https://www.suse.com/security/cve/CVE-2026-20243.html

* https://www.suse.com/security/cve/CVE-2026-20244.html

* https://www.suse.com/security/cve/CVE-2026-41676.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:21252-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.