-
|
Hello Paperless NGX Community, I'm seeking assistance regarding a potential false positive virus warning on my QNAP NAS running Paperless NGX with Docker. Since installing NGX/Docker, my antivirus (McAfee) has been flagging libkeyutils.so.1.9 and libkeyutils.so.1.10 as threats, located in the Docker-related directories. These alerts coincided with the NGX setup, raising concerns about their legitimacy. Has anyone experienced similar issues or can provide insights on how to differentiate between genuine threats and false positives in this setup? Any guidance or suggestions would be greatly appreciated. Thank you! Alexander |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 2 replies
-
|
Odd, never seen this before. GitHub has a lot of automated tools that do things like code scanning, etc. to look for known vulnerabilities and for the most part we are timely about patching them, etc. For example, currently there are no known open ones in this project. So anyway, I don’t pretend to be an expert here, but I do think this is most likely a false positive. If you have more details provided by the software, etc feel free to share. We can see if anyone else has input here as well, of course |
Beta Was this translation helpful? Give feedback.
-
|
That's just a standard Debian library: https://packages.debian.org/bookworm/libkeyutils1 I would highly doubt it is compromised in some way. It hasn't changed in about 2 years either, so it's not an xz type thing either. |
Beta Was this translation helpful? Give feedback.
-
|
Hi @stumpylog, hi @shamoon, Thank you for your response and insights. It indeed appears to have been a false positive, which serendipitously led me to discover an unrelated vulnerability in my own QNAP 5.1 System. Even though all system / app updates are installed overnight every 24h, specifically, my McAfee installation was not automatically updating its virus definitions. After addressing this issue manually, the virus warning ceased. I must admit, I am quite disappointed with both QNAP and McAfee for this oversight. I plan to provide feedback to QNAP to ensure they are aware of this lapse in their security features. I appreciate your perspective and the proactive measures your team takes to ensure security within your projects. While this instance turned out to be a false alarm, it prompted a beneficial review of my system's security protocols. I thought sharing this might be useful as a reminder of the importance of periodically verifying that automated security features are functioning as intended. Thanks again for your support and for fostering a responsive community here! Best regards, |
Beta Was this translation helpful? Give feedback.
-
|
This discussion has been automatically closed because it was marked as answered. Please see our contributing guidelines for more details. |
Beta Was this translation helpful? Give feedback.
Hi @stumpylog, hi @shamoon,
Thank you for your response and insights. It indeed appears to have been a false positive, which serendipitously led me to discover an unrelated vulnerability in my own QNAP 5.1 System. Even though all system / app updates are installed overnight every 24h, specifically, my McAfee installation was not automatically updating its virus definitions. After addressing this issue manually, the virus warning ceased.
I must admit, I am quite disappointed with both QNAP and McAfee for this oversight. I plan to provide feedback to QNAP to ensure they are aware of this lapse in their security features.
I appreciate your perspective and the proactive measures your team tak…