ALAS-2023-1772

Amazon Linux 1 (EOL) Security Advisory: ALAS-2023-1772
Advisory Released Date: 2023-06-27
Advisory Updated Date: 2023-06-29

Severity: Medium

References: CVE-2022-48279
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity (C language) codebase. (CVE-2022-48279)

Affected Packages:

mod24_security

Issue Correction:
Run yum update mod24_security to update your system.

New Packages:

i686:
    mod24_security-2.8.0-5.28.amzn1.i686
    mlogc24-2.8.0-5.28.amzn1.i686
    mod24_security-debuginfo-2.8.0-5.28.amzn1.i686

src:
    mod24_security-2.8.0-5.28.amzn1.src

x86_64:
    mod24_security-debuginfo-2.8.0-5.28.amzn1.x86_64
    mod24_security-2.8.0-5.28.amzn1.x86_64
    mlogc24-2.8.0-5.28.amzn1.x86_64

Additional References

Red Hat: CVE-2022-48279

Mitre: CVE-2022-48279