ALAS-2023-1805

Amazon Linux 1 (EOL) Security Advisory: ALAS-2023-1805
Advisory Released Date: 2023-08-22
Advisory Updated Date: 2023-08-23

Severity: Important

References: CVE-2022-26563
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attackers to gain escilated privlidges due to improper PAM-authorization. (CVE-2022-26563)

Affected Packages:

monit

Issue Correction:
Run yum update monit to update your system.

New Packages:

i686:
    monit-5.2.5-3.12.amzn1.i686
    monit-debuginfo-5.2.5-3.12.amzn1.i686

src:
    monit-5.2.5-3.12.amzn1.src

x86_64:
    monit-debuginfo-5.2.5-3.12.amzn1.x86_64
    monit-5.2.5-3.12.amzn1.x86_64

Additional References

Red Hat: CVE-2022-26563

Mitre: CVE-2022-26563