Hi there, On Tue, 21 Jun 2022, Viktor Rosenfeld via clamav-users wrote:
A recent scan of my system found 8 infected files. On closer inspection, these are all nodejs binaries, either installed through Homebrew or inside another app (e.g., Docker or Adobe). Clamav reports that they are infected with CVE_2021_4034-9951522. As far as I can tell, CVE_2021_4034 is the pkexec privilege scalation bug. However, I could not find anything relating to nodejs. Also, the fact that multiple nodejs binaries on my system are infected, which are installed from different sources, leads me to believe that this is a false positive. I am unsure what to do next. ...
Agreed there might be grounds to suspect a false positive, but I'd suggest that first you upload anything which has been flagged as suspicious to somewhere like Virustotal or Jotti's Virus Scan. Then take a view. If ClamAV is in a minority of one, probably filing the false positive report would be the next step. -- 73, Ged. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
