ClamAV, a widely used open-source antivirus software, has released security patch updates to address a critical buffer overflow vulnerability (CVE-2025-20128).
The vulnerability, identified in the OLE2 file parser, posed a potential risk of denial-of-service (DoS) attacks. Users are urged to update immediately to the newly-released ClamAV versions 1.4.2 and 1.0.8 to safeguard their systems.
Details of the Vulnerability
The critical vulnerability, reported by OSS-Fuzz, was discovered in the OLE2 file parser of ClamAV. It could result in a buffer overflow read, enabling attackers to crash the application and potentially disrupt services.
Introduced in version 1.0.0, this issue affects all currently supported versions of ClamAV, necessitating an urgent update.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free
What’s New in the Security Patches?
ClamAV 1.4.2
The 1.4.2 patch addresses the CVE-2025-20128 vulnerability, effectively removing the buffer overflow risk in the OLE2 file parser.
This update is critical for ensuring continued stability and functionality of the antivirus software.
ClamAV 1.0.8
ClamAV also released version 1.0.8, a patch specifically for older systems. Alongside the fix for CVE-2025-20128, it resolves a long-standing issue in the ClamOnAcc feature, which previously caused an infinite loop when monitoring non-existent directories.
This improvement is a backport from ClamAV 1.3.0.
How to Update
Both ClamAV 1.4.2 and 1.0.8 are available for download on the official ClamAV downloads page and the GitHub Release page.
Docker Hub images will also be updated, though availability may be slightly delayed. Users are strongly encouraged to download and deploy the updates immediately to mitigate the risks posed by this vulnerability.
System administrators managing ClamAV deployments via Docker should monitor Docker Hub for the latest images.
ClamAV extends its gratitude to OSS-Fuzz for identifying the vulnerability and for its contributions to enhancing the security of open-source projects.
With the growing threat landscape, keeping software up to date is critical. ClamAV continues to demonstrate its commitment to protecting users by addressing vulnerabilities promptly.
Update to the latest versions of ClamAV now and ensure your systems are secure!
Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar