14 DAY TRIAL // Canonical published details about a single ClamAV vulnerability, in a security notice, for its Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS operating systems, that has been found and fixed.
According to Canonical, it was possible to made ClamAV crash or run programs, if it processed a specially crafted file. This issue is not a major one, but a fix has been released nonetheless. Users have been advised to upgrade their systems as soon as possible.
"Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code," is noted in the security notice.
For a more detailed description of the security problems, you can visit Canonical's security notification.
The security flaws can be fixed if you upgrade your system(s) to the latest clamav, package, specific to each distribution. To apply the update, run the Update Manager application.
In general, a standard system update will make all the necessary changes. The developer also explained that this patch contains a fix from upstream. A reboot of the system is not required to finish the process, but if the application is already running, it's recommended to restart it.