Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

Ubuntu 22.10 ClamAV Vulnerability Fix UBUNTU-SU-2022-18743-4

suse
Calendar Grey April 28, 2026
Dist Suse Esm H88
Important SUSE update fixes a moderate issue in ClamAV, addressing a denial of service risk due to improper error handling.
An update that solves one vulnerability, contains one feature and has two fixes can now be installed.

Summary

## This update for clamav fixes the following issues: Update to clamav 1.5.2: Security issue: * CVE-2026-20031: improper error handling in the HTML CSS module when splitting UTF-8 strings can lead to denial of service conditions via a crafted HTML file (bsc#1259207). Non security issue: * Support transactional updates (jsc#PED-14819). Changelog: * Fixed a possible infinite loop when scanning some JPEG files by upgrading affected ClamAV dependency, a Rust image library. * The CVD verification process will now ignore certificate files in the CVD certs directory when the user lacks read permissions. * Freshclam: Fix CLD verification bug with PrivateMirror option. * Upgraded the Rust bytes dependency to a newer version to resolve RUSTSEC-2026-0007 advisory.

References

* bsc#1221954

* bsc#1258072

* bsc#1259207

* jsc#PED-14819

Cross-

* CVE-2026-20031

CVSS scores:

* CVE-2026-20031 ( SUSE ): 6.9

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2026-20031 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2026-20031 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* SUSE Linux Enterprise Server 16.0

* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves one vulnerability, contains one feature and has two fixes

can now be installed.

##

* https://www.suse.com/security/cve/CVE-2026-20031.html

* https://bugzilla.suse.com/show_bug.cgi?id=1221954

* https://bugzilla.suse.com/show_bug.cgi?id=1258072

* https://bugzilla.suse.com/show_bug.cgi?id=1259207

Announcement ID: SUSE-SU-2026:21358-1
Release Date: 2026-04-20T14:56:29Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here