Amazon Linux 2 Security Advisory: ALASKERNEL-5.4-2022-039
Advisory Release Date: 2022-12-01 18:21 Pacific
Advisory Updated Date: 2023-08-03 19:42 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
2023-08-03: CVE-2023-3812 was added to this advisory.
A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-3759)
A use-after-free flaw was found in the Linux kernel's Unix socket Garbage Collection and io_uring. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2602)
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)
A vulnerability classified as problematic was found in Linux Kernel. Affected by this vulnerability is the function mvpp2_dbgfs_port_init of the file drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c of the component mvpp2. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier VDB-211033 was assigned to this vulnerability. (CVE-2022-3535)
A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function bnx2x_tpa_stop of the file drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211042 is the identifier assigned to this vulnerability. (CVE-2022-3542)
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088. (CVE-2022-3565)
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363. (CVE-2022-3594)
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect. (CVE-2022-41849)
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. (CVE-2022-41850)
An out-of-bounds memory access flaw was found in the Linux kernel's TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2023-3812)
Affected Packages:
kernel
Note:
This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update kernel to update your system.
aarch64:
kernel-5.4.224-128.414.amzn2.aarch64
kernel-headers-5.4.224-128.414.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.4.224-128.414.amzn2.aarch64
perf-5.4.224-128.414.amzn2.aarch64
perf-debuginfo-5.4.224-128.414.amzn2.aarch64
python-perf-5.4.224-128.414.amzn2.aarch64
python-perf-debuginfo-5.4.224-128.414.amzn2.aarch64
kernel-tools-5.4.224-128.414.amzn2.aarch64
kernel-tools-devel-5.4.224-128.414.amzn2.aarch64
kernel-tools-debuginfo-5.4.224-128.414.amzn2.aarch64
bpftool-5.4.224-128.414.amzn2.aarch64
bpftool-debuginfo-5.4.224-128.414.amzn2.aarch64
kernel-devel-5.4.224-128.414.amzn2.aarch64
kernel-debuginfo-5.4.224-128.414.amzn2.aarch64
i686:
kernel-headers-5.4.224-128.414.amzn2.i686
src:
kernel-5.4.224-128.414.amzn2.src
x86_64:
kernel-5.4.224-128.414.amzn2.x86_64
kernel-headers-5.4.224-128.414.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.4.224-128.414.amzn2.x86_64
perf-5.4.224-128.414.amzn2.x86_64
perf-debuginfo-5.4.224-128.414.amzn2.x86_64
python-perf-5.4.224-128.414.amzn2.x86_64
python-perf-debuginfo-5.4.224-128.414.amzn2.x86_64
kernel-tools-5.4.224-128.414.amzn2.x86_64
kernel-tools-devel-5.4.224-128.414.amzn2.x86_64
kernel-tools-debuginfo-5.4.224-128.414.amzn2.x86_64
bpftool-5.4.224-128.414.amzn2.x86_64
bpftool-debuginfo-5.4.224-128.414.amzn2.x86_64
kernel-devel-5.4.224-128.414.amzn2.x86_64
kernel-debuginfo-5.4.224-128.414.amzn2.x86_64