CVE-2025-20260

A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arbitrary code on an affected device.

This vulnerability exists because memory buffers are allocated incorrectly when PDF files are processed. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to trigger a buffer overflow, likely resulting in the termination of the ClamAV scanning process and a DoS condition on the affected software. Although unproven, there is also a possibility that an attacker could leverage the buffer overflow to execute arbitrary code with the privileges of the ClamAV process.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ciscoCNA
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Debian logo
Debian Releases
Debian Product
Codename
clamav
bullseye
postponed
bookworm
no-dsa
bullseye (security)
vulnerable
sid
1.4.3+dfsg-1
fixed
trixie
1.4.3+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
clamav
plucky
Fixed 1.4.3+dfsg-0ubuntu0.25.04.1
released
oracular
Fixed 1.4.3+dfsg-0ubuntu0.24.10.1
released
noble
Fixed 1.4.3+dfsg-0ubuntu0.24.04.1
released
jammy
Fixed 1.4.3+dfsg-0ubuntu0.22.04.1
released
focal
Fixed 1.4.3+dfsg-0ubuntu0.20.04.1+esm1
released
bionic
needs-triage
xenial
needs-triage
trusty
needs-triage
Common Weakness Enumeration
References
https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html