diff --git a/.github/workflows/scan-build.yml b/.github/workflows/scan-build.yml
index ef9c10bf1d..ef675297f5 100644
--- a/.github/workflows/scan-build.yml
+++ b/.github/workflows/scan-build.yml
@@ -12,7 +12,7 @@ jobs:
   scan-build:
     name: Scan-build
     runs-on: ubuntu-latest
-    container: ubuntu:23.04
+    container: ubuntu:24.04
     steps:
       - name: Cache scan-build
         uses: actions/cache@v3.3.1
@@ -30,8 +30,8 @@ jobs:
                 automake \
                 cargo \
                 cbindgen \
-                clang-16 \
-                clang-tools-16 \
+                clang-18 \
+                clang-tools-18 \
                 dpdk-dev \
                 git \
                 libtool \
@@ -56,7 +56,7 @@ jobs:
                 libevent-pthreads-2.1-7 \
                 libjansson-dev \
                 liblz4-dev \
-                llvm-16-dev \
+                llvm-18-dev \
                 make \
                 python3-yaml \
                 rustc \
@@ -66,14 +66,14 @@ jobs:
       - uses: actions/checkout@v3.5.3
       - run: ./scripts/bundle.sh
       - run: ./autogen.sh
-      - run: scan-build-16 ./configure --enable-dpdk --enable-nfqueue --enable-nflog
+      - run: scan-build-18 ./configure --enable-dpdk --enable-nfqueue --enable-nflog
         env:
-          CC: clang-16
+          CC: clang-18
       # exclude libhtp from the analysis
       # disable security.insecureAPI.DeprecatedOrUnsafeBufferHandling explicitly as
       # this will require significant effort to address.
       - run: |
-          scan-build-16 --status-bugs --exclude libhtp/ \
+          scan-build-18 --status-bugs --exclude libhtp/ \
                 -enable-checker valist.Uninitialized \
                 -enable-checker valist.CopyToSelf \
                 -enable-checker valist.Unterminated \
@@ -95,4 +95,4 @@ jobs:
                 \
                 make
         env:
-          CC: clang-16
+          CC: clang-18