ClamAV vulnerability on Ubuntu gets fixed
A ClamAV vulnerability was detected in Ubuntu 14.10, Ubuntu 14.04 LTS and Ubuntu 12.04 LTS operating systems, and it has been fixed now. Details about the vulnerability have been shared by Canonical in a security notice.
Canonical has confirmed that the ClamAV vulnerability had the capability to crash or run a program, if it got processed with a specially crafted file. Though this is not a major issue, developers still went ahead and fixed it anyhow. Following the patch, users are now advised to upgrade their systems as soon as possible.
As published on the security notice, “Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.” If you are interested to know more about the security issue you can refer to the security notification by Canonical.
As soon as the systems are upgraded, all the security loopholes will be fixed and the system will get the latest ClamAV package, specifically designed for each distribution. Run the Update Manager application in order to apply the update. A system update usually makes all the necessary changes. Canonical has also explained that rebooting the system is not required to finish this updating process but if the application is already running, then it’s recommended that you restart it.