ALAS-2024-2483

Amazon Linux 2 Security Advisory: ALAS-2024-2483
Advisory Release Date: 2024-02-29 10:03 Pacific
Advisory Updated Date: 2024-03-04 12:00 Pacific
Severity: Important
Issue Overview:

EDK2's Network Package is susceptible to an out-of-bounds read
vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This
vulnerability can be exploited by an attacker to gain unauthorized
access and potentially lead to a loss of Confidentiality. (CVE-2023-45229)

EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This
vulnerability can be exploited by an attacker to gain unauthorized
access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. (CVE-2023-45230)

EDK2's Network Package is susceptible to an out-of-bounds read
vulnerability when processing Neighbor Discovery Redirect message. This
vulnerability can be exploited by an attacker to gain unauthorized
access and potentially lead to a loss of Confidentiality. (CVE-2023-45231)

EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This
vulnerability can be exploited by an attacker to gain unauthorized
access and potentially lead to a loss of Availability. (CVE-2023-45232)

EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This
vulnerability can be exploited by an attacker to gain unauthorized
access and potentially lead to a loss of Availability. (CVE-2023-45233)

EDK2's Network Package is susceptible to a buffer overflow vulnerability when processing DNS Servers option from a DHCPv6 Advertise message. This
vulnerability can be exploited by an attacker to gain unauthorized
access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. (CVE-2023-45234)

EDK2's Network Package is susceptible to a buffer overflow vulnerability when

handling Server ID option

from a DHCPv6 proxy Advertise message. This
vulnerability can be exploited by an attacker to gain unauthorized
access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. (CVE-2023-45235)

Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack

The package openssl098e is provided purely for binary compatibility with older Amazon Linux versions. It does not receive security updates. (CVE-2024-0727)


Affected Packages:

edk2


Note:

This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.


Issue Correction:
Run yum update edk2 to update your system.

New Packages:
aarch64:
    edk2-tools-20200801stable-1.amzn2.0.4.aarch64
    edk2-debuginfo-20200801stable-1.amzn2.0.4.aarch64

noarch:
    edk2-tools-python-20200801stable-1.amzn2.0.4.noarch
    edk2-tools-doc-20200801stable-1.amzn2.0.4.noarch
    edk2-ovmf-20200801stable-1.amzn2.0.4.noarch
    edk2-aarch64-20200801stable-1.amzn2.0.4.noarch

src:
    edk2-20200801stable-1.amzn2.0.4.src

x86_64:
    edk2-tools-20200801stable-1.amzn2.0.4.x86_64
    edk2-debuginfo-20200801stable-1.amzn2.0.4.x86_64

Additional References

Red Hat: CVE-2023-45229, CVE-2023-45230, CVE-2023-45231, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235, CVE-2024-0727

Mitre: CVE-2023-45229, CVE-2023-45230, CVE-2023-45231, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235, CVE-2024-0727