Ubuntu

Clam AV reports possible threat in Ubuntu installer

Asked by cmhdev on 2021-03-15

I created a bootable USB of 20.04LTS and ran a scan over it with Clam AV which reported a possible threat in the i386/Packages.gz file for which it stated it was a Windows Exploit - CVE-2012-1461.

Is this a false positive?

Question information

Language:: English Edit question

Status:: Answered

For:: Ubuntu Edit question

Assignee:: No assignee Edit question

Last query:: 2021-03-15

Last reply:: 2021-03-15

Link existing bug

Revision history for this message

Bernard Stafford (bernard010) said on 2021-03-15:

Evasion attacks expoliting file-parsing vulnerabilities in antivirus products only.
https://cve.circl.lu/cve/CVE-2012-1461

Revision history for this message

Manfred Hampl (m-hampl) said on 2021-03-15:

According to https://www.securityfocus.com/archive/1/522005 and https://ubuntu.com/security/CVE-2012-1461 this seems to be a bug in clamav (version 0.96.4) and not in Ubuntu.

Can you help with this problem?

Provide an answer of your own, or ask cmhdev for more information if necessary.

To post a message you must log in.

Ask a question

Edit question

Ubuntu

Clam AV reports possible threat in Ubuntu installer

Question information

Related bugs

Related FAQ:

Can you help with this problem?

Subscribers