Amazon Linux 2 Security Advisory: ALAS-2019-1154
Advisory Release Date: 2019-01-25 01:05 Pacific
Heap-based buffer overflow vulnerability in extract_status_code() function in lib/html.c that parses HTTP status code returned from web server allows malicious web server or man-in-the-middle attacker pretending to be a web server to cause either a denial of service or potentially execute arbitrary code on keepalived load balancer.(CVE-2018-19115 )
Run yum update keepalived to update your system.