Amazon Linux 2022 Security Advisory: ALAS-2022-038
Advisory Release Date: 2022-03-07 23:58 Pacific
Advisory Updated Date: 2022-03-08 17:49 Pacific
A flaw was found in keepalived, where an improper authentication vulnerability allows an unprivileged user to change properties that could lead to an access-control bypass. (CVE-2021-44225)
Affected Packages:
keepalived
Issue Correction:
Run dnf update --releasever=2022.0.20220308 keepalived to update your system.
aarch64:
keepalived-debuginfo-2.2.4-2.amzn2022.aarch64
keepalived-2.2.4-2.amzn2022.aarch64
keepalived-debugsource-2.2.4-2.amzn2022.aarch64
src:
keepalived-2.2.4-2.amzn2022.src
x86_64:
keepalived-debuginfo-2.2.4-2.amzn2022.x86_64
keepalived-debugsource-2.2.4-2.amzn2022.x86_64
keepalived-2.2.4-2.amzn2022.x86_64