[clamav-users] CVE_2021_4034-9951522 false positives on node executables
Viktor Rosenfeld
24hesk at gmail.com
Mon Jun 20 22:28:23 UTC 2022
Hi,
A recent scan of my system found 8 infected files. On closer inspection, these are all nodejs binaries, either installed through Homebrew or inside another app (e.g., Docker or Adobe). Clamav reports that they are infected with CVE_2021_4034-9951522.
As far as I can tell, CVE_2021_4034 is the pkexec privilege escalation bug. However, I could not find anything relating to nodejs. Also, the fact that multiple nodejs binaries on my system are infected, which are installed from different sources, leads me to believe that this is a false positive.
I am unsure what to do next. Should I upload this as a false positive to https://www.clamav.net/reports/fp? <https://www.clamav.net/reports/fp?>
Best,
Viktor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20220621/445ce1d2/attachment.htm>
More information about the clamav-users
mailing list