Amazon Linux 2 Security Advisory: ALAS-2020-1521
Advisory Release Date: 2020-10-22 18:10 Pacific
Advisory Updated Date: 2020-10-22 22:35 Pacific
A stack overflow flaw was found in libcroco. A service using libcroco's CSS parser could be crashed by a local, authenticated attacker, or an attacker utilizing social engineering, using a crafted input. The highest threat from this vulnerability is to system availability. (CVE-2020-12825)
Run yum update libcroco to update your system.