ALAS2-2021-1636


Amazon Linux 2 Security Advisory: ALAS-2021-1636
Advisory Release Date: 2021-05-20 15:51 Pacific
Advisory Updated Date: 2021-05-24 17:52 Pacific
Severity: Medium

Issue Overview:

An issue was discovered in the Linux kernel related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access. (CVE-2020-29374 )

A use-after-free flaw was found in the Linux kernel's SCTP socket functionality that triggers a race condition. This flaw allows a local user to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-23133 )

A vulnerability was discovered in retrieve_ptr_limit in kernel/bpf/verifier.c in the Linux kernel mechanism to mitigate speculatively out-of-bounds loads (Spectre mitigation). In this flaw a local,
special user privileged (CAP_SYS_ADMIN) BPF program running on affected systems may bypass the protection, and execute speculatively out-of-bounds loads from the kernel memory. This can be abused to extract contents of kernel memory via side-channel. (CVE-2021-29155 )

A flaw was found in the Linux kernel's eBPF verification code. By default, accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. This flaw allows a local user who can insert eBPF instructions, to use the eBPF verifier to abuse a spectre-like flaw and infer all system memory. The highest threat from this vulnerability is to confidentiality. (CVE-2021-31829 )


Affected Packages:

kernel


Issue Correction:
Run yum update kernel to update your system.

New Packages:
aarch64:
    kernel-4.14.232-176.381.amzn2.aarch64
    kernel-headers-4.14.232-176.381.amzn2.aarch64
    kernel-debuginfo-common-aarch64-4.14.232-176.381.amzn2.aarch64
    perf-4.14.232-176.381.amzn2.aarch64
    perf-debuginfo-4.14.232-176.381.amzn2.aarch64
    python-perf-4.14.232-176.381.amzn2.aarch64
    python-perf-debuginfo-4.14.232-176.381.amzn2.aarch64
    kernel-tools-4.14.232-176.381.amzn2.aarch64
    kernel-tools-devel-4.14.232-176.381.amzn2.aarch64
    kernel-tools-debuginfo-4.14.232-176.381.amzn2.aarch64
    kernel-devel-4.14.232-176.381.amzn2.aarch64
    kernel-debuginfo-4.14.232-176.381.amzn2.aarch64

i686:
    kernel-headers-4.14.232-176.381.amzn2.i686

src:
    kernel-4.14.232-176.381.amzn2.src

x86_64:
    kernel-4.14.232-176.381.amzn2.x86_64
    kernel-headers-4.14.232-176.381.amzn2.x86_64
    kernel-debuginfo-common-x86_64-4.14.232-176.381.amzn2.x86_64
    perf-4.14.232-176.381.amzn2.x86_64
    perf-debuginfo-4.14.232-176.381.amzn2.x86_64
    python-perf-4.14.232-176.381.amzn2.x86_64
    python-perf-debuginfo-4.14.232-176.381.amzn2.x86_64
    kernel-tools-4.14.232-176.381.amzn2.x86_64
    kernel-tools-devel-4.14.232-176.381.amzn2.x86_64
    kernel-tools-debuginfo-4.14.232-176.381.amzn2.x86_64
    kernel-devel-4.14.232-176.381.amzn2.x86_64
    kernel-debuginfo-4.14.232-176.381.amzn2.x86_64
    kernel-livepatch-4.14.232-176.381-1.0-0.amzn2.x86_64