ALAS-2021-1712

Amazon Linux 2 Security Advisory: ALAS-2021-1712
Advisory Release Date: 2021-10-04 20:16 Pacific
Advisory Updated Date: 2023-01-30 19:15 Pacific

Severity: Medium

References: CVE-2020-16119 CVE-2021-3655 CVE-2021-40490 CVE-2022-20141
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

A flaw was found in the Linux kernel. A race condition was discovered in the ext4 subsystem. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-40490)

Affected Packages:

kernel

Note:

This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.

Issue Correction:
Run yum update kernel to update your system.

New Packages:

aarch64:
    kernel-4.14.248-189.473.amzn2.aarch64
    kernel-headers-4.14.248-189.473.amzn2.aarch64
    kernel-debuginfo-common-aarch64-4.14.248-189.473.amzn2.aarch64
    perf-4.14.248-189.473.amzn2.aarch64
    perf-debuginfo-4.14.248-189.473.amzn2.aarch64
    python-perf-4.14.248-189.473.amzn2.aarch64
    python-perf-debuginfo-4.14.248-189.473.amzn2.aarch64
    kernel-tools-4.14.248-189.473.amzn2.aarch64
    kernel-tools-devel-4.14.248-189.473.amzn2.aarch64
    kernel-tools-debuginfo-4.14.248-189.473.amzn2.aarch64
    kernel-devel-4.14.248-189.473.amzn2.aarch64
    kernel-debuginfo-4.14.248-189.473.amzn2.aarch64

i686:
    kernel-headers-4.14.248-189.473.amzn2.i686

src:
    kernel-4.14.248-189.473.amzn2.src

x86_64:
    kernel-4.14.248-189.473.amzn2.x86_64
    kernel-headers-4.14.248-189.473.amzn2.x86_64
    kernel-debuginfo-common-x86_64-4.14.248-189.473.amzn2.x86_64
    perf-4.14.248-189.473.amzn2.x86_64
    perf-debuginfo-4.14.248-189.473.amzn2.x86_64
    python-perf-4.14.248-189.473.amzn2.x86_64
    python-perf-debuginfo-4.14.248-189.473.amzn2.x86_64
    kernel-tools-4.14.248-189.473.amzn2.x86_64
    kernel-tools-devel-4.14.248-189.473.amzn2.x86_64
    kernel-tools-debuginfo-4.14.248-189.473.amzn2.x86_64
    kernel-devel-4.14.248-189.473.amzn2.x86_64
    kernel-debuginfo-4.14.248-189.473.amzn2.x86_64
    kernel-livepatch-4.14.248-189.473-1.0-0.amzn2.x86_64

Additional References

Red Hat: CVE-2020-16119, CVE-2021-3655, CVE-2021-40490, CVE-2022-20141

Mitre: CVE-2020-16119, CVE-2021-3655, CVE-2021-40490, CVE-2022-20141

Select your cookie preferences

Customize cookie preferences

Essential

Performance

Functional

Advertising

ALAS-2021-1712

Additional References