Amazon Linux 2 Security Advisory: ALASKERNEL-5.15-2023-025
Advisory Release Date: 2023-08-03 19:42 Pacific
Advisory Updated Date: 2024-07-03 22:01 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
2024-07-03: CVE-2023-39197 was added to this advisory.
2024-07-03: CVE-2023-51043 was added to this advisory.
2024-02-01: CVE-2024-0639 was added to this advisory.
2023-10-12: CVE-2023-44466 was added to this advisory.
2023-08-31: CVE-2023-20569 was added to this advisory.
An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c. (CVE-2022-48502)
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled?address, potentially leading to information disclosure. (CVE-2023-20569)
An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. (CVE-2023-20593)
An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.
The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.
We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64. (CVE-2023-3611)
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.
If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.
We recommend upgrading past commit 0323bce598eea038714f941ce2b22541c46d488f. (CVE-2023-3776)
An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol. (CVE-2023-39197)
An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in ceph_decode_32. (CVE-2023-44466)
In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload. (CVE-2023-51043)
A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel's SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system. (CVE-2024-0639)
Affected Packages:
kernel
Note:
This advisory is applicable to Amazon Linux 2 - Kernel-5.15 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update kernel to update your system.
aarch64:
kernel-5.15.122-77.145.amzn2.aarch64
kernel-headers-5.15.122-77.145.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.15.122-77.145.amzn2.aarch64
perf-5.15.122-77.145.amzn2.aarch64
perf-debuginfo-5.15.122-77.145.amzn2.aarch64
python-perf-5.15.122-77.145.amzn2.aarch64
python-perf-debuginfo-5.15.122-77.145.amzn2.aarch64
kernel-tools-5.15.122-77.145.amzn2.aarch64
kernel-tools-devel-5.15.122-77.145.amzn2.aarch64
kernel-tools-debuginfo-5.15.122-77.145.amzn2.aarch64
bpftool-5.15.122-77.145.amzn2.aarch64
bpftool-debuginfo-5.15.122-77.145.amzn2.aarch64
kernel-devel-5.15.122-77.145.amzn2.aarch64
kernel-debuginfo-5.15.122-77.145.amzn2.aarch64
kernel-livepatch-5.15.122-77.145-1.0-0.amzn2.aarch64
i686:
kernel-headers-5.15.122-77.145.amzn2.i686
src:
kernel-5.15.122-77.145.amzn2.src
x86_64:
kernel-5.15.122-77.145.amzn2.x86_64
kernel-headers-5.15.122-77.145.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.15.122-77.145.amzn2.x86_64
perf-5.15.122-77.145.amzn2.x86_64
perf-debuginfo-5.15.122-77.145.amzn2.x86_64
python-perf-5.15.122-77.145.amzn2.x86_64
python-perf-debuginfo-5.15.122-77.145.amzn2.x86_64
kernel-tools-5.15.122-77.145.amzn2.x86_64
kernel-tools-devel-5.15.122-77.145.amzn2.x86_64
kernel-tools-debuginfo-5.15.122-77.145.amzn2.x86_64
bpftool-5.15.122-77.145.amzn2.x86_64
bpftool-debuginfo-5.15.122-77.145.amzn2.x86_64
kernel-devel-5.15.122-77.145.amzn2.x86_64
kernel-debuginfo-5.15.122-77.145.amzn2.x86_64
kernel-livepatch-5.15.122-77.145-1.0-0.amzn2.x86_64