Amazon Linux 2 Security Advisory: ALASKERNEL-5.10-2024-056
Advisory Release Date: 2024-05-09 18:00 Pacific
Advisory Updated Date: 2024-07-03 22:01 Pacific
2024-07-03: CVE-2024-26643 was added to this advisory.
2024-07-03: CVE-2024-26642 was added to this advisory.
2024-07-03: CVE-2023-52458 was added to this advisory.
2024-07-03: CVE-2024-25739 was added to this advisory.
2024-07-03: CVE-2023-52620 was added to this advisory.
2024-06-06: CVE-2024-35809 was added to this advisory.
2024-06-06: CVE-2023-52482 was added to this advisory.
In the Linux kernel, the following vulnerability has been resolved:
block: add check that partition length needs to be aligned with block size
Before calling add partition or resize partition, there is no check
on whether the length is aligned with the logical block size.
If the logical block size of the disk is larger than 512 bytes,
then the partition size may not be a multiple of the logical block size,
and when the last sector is read, bio_truncate() will adjust the bio size,
resulting in an IO error if the size of the read command is smaller than
the logical block size. If integrity data is supported, this will also
result in a null pointer dereference when calling bio_integrity_free. (CVE-2023-52458)
In the Linux kernel, the following vulnerability has been resolved:
x86/srso: Add SRSO mitigation for Hygon processors (CVE-2023-52482)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: disallow timeout for anonymous sets (CVE-2023-52620)
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. (CVE-2024-25739)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (CVE-2024-26643)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
The commit mutex should not be released during the critical section
between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC
worker could collect expired objects and get the released commit lock
within the same GC sequence.
nf_tables_module_autoload() temporarily releases the mutex to load
module dependencies, then it goes back to replay the transaction again.
Move it to the end of the abort phase after nft_gc_seq_end() is called. (CVE-2024-26925)
In the Linux kernel, the following vulnerability has been resolved:
PCI/PM: Drain runtime-idle callbacks before driver removal (CVE-2024-35809)
Affected Packages:
kernel
Note:
This advisory is applicable to Amazon Linux 2 - Kernel-5.10 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update kernel to update your system.
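To confirm the correction took effect after the update and the reboot into the new kernel, the following POSIX shell script (added here as an example; it is not part of the advisory or of Amazon's tooling) compares the running kernel reported by uname -r against the fixed build 5.10.215-203.850 listed in this advisory. The field-by-field version comparison and the "not covered" return code for kernels other than the 5.10 Extra series are assumptions of this example.

```shell
#!/bin/sh
# Fixed build for ALASKERNEL-5.10-2024-056 (taken from the package list in the advisory).
FIXED_VERSION="5.10.215"
FIXED_RELEASE="203.850"

# Compare two dot-separated numeric strings field by field (numeric, not
# lexical, so 203.850 sorts after 203.85). Prints -1, 0 or 1.
vercmp() {
  a=$1; b=$2
  while [ -n "$a" ] || [ -n "$b" ]; do
    ah=${a%%.*}; bh=${b%%.*}
    case $a in *.*) a=${a#*.} ;; *) a= ;; esac
    case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    if [ "${ah:-0}" -lt "${bh:-0}" ]; then printf '%s\n' -1; return 0; fi
    if [ "${ah:-0}" -gt "${bh:-0}" ]; then printf '%s\n' 1; return 0; fi
  done
  printf '%s\n' 0
}

# Returns 0 if the kernel string (uname -r format, e.g. 5.10.215-203.850.amzn2.x86_64)
# already carries the fix, 1 if it is older than the fixed build, and 2 if it is
# not a kernel-5.10 build and therefore not covered by this advisory (assumed codes).
kernel_is_fixed() {
  kver=$1
  ver=${kver%%-*}          # 5.10.215
  rel=${kver#*-}           # 203.850.amzn2.x86_64
  rel=${rel%%.amzn2*}      # 203.850
  rel=${rel%%-*}           # drop a livepatch-style "-1.0-0" suffix if present
  case $ver in 5.10.*) ;; *) return 2 ;; esac
  c=$(vercmp "$ver" "$FIXED_VERSION")
  if [ "$c" -gt 0 ]; then return 0; fi
  if [ "$c" -lt 0 ]; then return 1; fi
  c=$(vercmp "$rel" "$FIXED_RELEASE")
  [ "$c" -ge 0 ]
}

# Human-readable verdict; never exits non-zero so it is safe to run from cron or SSM.
report() {
  rc=0; kernel_is_fixed "$1" || rc=$?
  case $rc in
    0) echo "$1: includes the ALASKERNEL-5.10-2024-056 fix" ;;
    1) echo "$1: older than 5.10.215-203.850; run 'yum update kernel' and reboot" ;;
    *) echo "$1: not a kernel-5.10 Extra build; this advisory does not apply" ;;
  esac
}

report "$(uname -r)"
```

Note that the check reads the running kernel, not the installed package, so a host that has updated but not yet rebooted still reports the old build.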
aarch64:
kernel-5.10.215-203.850.amzn2.aarch64
kernel-headers-5.10.215-203.850.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.10.215-203.850.amzn2.aarch64
perf-5.10.215-203.850.amzn2.aarch64
perf-debuginfo-5.10.215-203.850.amzn2.aarch64
python-perf-5.10.215-203.850.amzn2.aarch64
python-perf-debuginfo-5.10.215-203.850.amzn2.aarch64
kernel-tools-5.10.215-203.850.amzn2.aarch64
kernel-tools-devel-5.10.215-203.850.amzn2.aarch64
kernel-tools-debuginfo-5.10.215-203.850.amzn2.aarch64
bpftool-5.10.215-203.850.amzn2.aarch64
bpftool-debuginfo-5.10.215-203.850.amzn2.aarch64
kernel-devel-5.10.215-203.850.amzn2.aarch64
kernel-debuginfo-5.10.215-203.850.amzn2.aarch64
kernel-livepatch-5.10.215-203.850-1.0-0.amzn2.aarch64
i686:
kernel-headers-5.10.215-203.850.amzn2.i686
src:
kernel-5.10.215-203.850.amzn2.src
x86_64:
kernel-5.10.215-203.850.amzn2.x86_64
kernel-headers-5.10.215-203.850.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.10.215-203.850.amzn2.x86_64
perf-5.10.215-203.850.amzn2.x86_64
perf-debuginfo-5.10.215-203.850.amzn2.x86_64
python-perf-5.10.215-203.850.amzn2.x86_64
python-perf-debuginfo-5.10.215-203.850.amzn2.x86_64
kernel-tools-5.10.215-203.850.amzn2.x86_64
kernel-tools-devel-5.10.215-203.850.amzn2.x86_64
kernel-tools-debuginfo-5.10.215-203.850.amzn2.x86_64
bpftool-5.10.215-203.850.amzn2.x86_64
bpftool-debuginfo-5.10.215-203.850.amzn2.x86_64
kernel-devel-5.10.215-203.850.amzn2.x86_64
kernel-debuginfo-5.10.215-203.850.amzn2.x86_64
kernel-livepatch-5.10.215-203.850-1.0-0.amzn2.x86_64