ALASKERNEL-5.4-2023-055

Amazon Linux 2 Security Advisory: ALASKERNEL-5.4-2023-055
Advisory Release Date: 2023-10-31 00:16 Pacific
Advisory Updated Date: 2024-08-01 01:11 Pacific

Severity: Medium

References: CVE-2023-31085 CVE-2023-34324 CVE-2023-42754 CVE-2023-42756 CVE-2023-52522 CVE-2023-52527 CVE-2023-52528 CVE-2023-52566 CVE-2023-52567 CVE-2023-52573 CVE-2023-52574 CVE-2023-52577 CVE-2023-52578
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

2024-08-01: CVE-2023-52577 was added to this advisory.

2024-08-01: CVE-2023-52566 was added to this advisory.

2024-08-01: CVE-2023-52528 was added to this advisory.

2024-08-01: CVE-2023-52527 was added to this advisory.

2024-07-03: CVE-2023-52573 was added to this advisory.

2024-07-03: CVE-2023-52522 was added to this advisory.

2024-07-03: CVE-2023-52578 was added to this advisory.

2024-07-03: CVE-2023-42756 was added to this advisory.

2024-07-03: CVE-2023-52574 was added to this advisory.

2024-06-06: CVE-2023-52567 was added to this advisory.

An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. (CVE-2023-31085)

A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests. (CVE-2023-34324)

A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. (CVE-2023-42754)

A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system. (CVE-2023-42756)

In the Linux kernel, the following vulnerability has been resolved:

net: fix possible store tearing in neigh_periodic_work() (CVE-2023-52522)

In the Linux kernel, the following vulnerability has been resolved:

ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() (CVE-2023-52527)

In the Linux kernel, the following vulnerability has been resolved:

net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (CVE-2023-52528)

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() (CVE-2023-52566)

In the Linux kernel, the following vulnerability has been resolved:

serial: 8250_port: Check IRQ data before use (CVE-2023-52567)

In the Linux kernel, the following vulnerability has been resolved:

net: rds: Fix possible NULL-pointer dereference (CVE-2023-52573)

In the Linux kernel, the following vulnerability has been resolved:

team: fix null-ptr-deref when team device type is changed (CVE-2023-52574)

In the Linux kernel, the following vulnerability has been resolved:

dccp: fix dccp_v4_err()/dccp_v6_err() again (CVE-2023-52577)

In the Linux kernel, the following vulnerability has been resolved:

net: bridge: use DEV_STATS_INC() (CVE-2023-52578)

Affected Packages:

kernel

Note:

This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.

Issue Correction:
Run yum update kernel to update your system.

New Packages:

aarch64:
    kernel-5.4.258-171.360.amzn2.aarch64
    kernel-headers-5.4.258-171.360.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.4.258-171.360.amzn2.aarch64
    perf-5.4.258-171.360.amzn2.aarch64
    perf-debuginfo-5.4.258-171.360.amzn2.aarch64
    python-perf-5.4.258-171.360.amzn2.aarch64
    python-perf-debuginfo-5.4.258-171.360.amzn2.aarch64
    kernel-tools-5.4.258-171.360.amzn2.aarch64
    kernel-tools-devel-5.4.258-171.360.amzn2.aarch64
    kernel-tools-debuginfo-5.4.258-171.360.amzn2.aarch64
    bpftool-5.4.258-171.360.amzn2.aarch64
    bpftool-debuginfo-5.4.258-171.360.amzn2.aarch64
    kernel-devel-5.4.258-171.360.amzn2.aarch64
    kernel-debuginfo-5.4.258-171.360.amzn2.aarch64

i686:
    kernel-headers-5.4.258-171.360.amzn2.i686

src:
    kernel-5.4.258-171.360.amzn2.src

x86_64:
    kernel-5.4.258-171.360.amzn2.x86_64
    kernel-headers-5.4.258-171.360.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.4.258-171.360.amzn2.x86_64
    perf-5.4.258-171.360.amzn2.x86_64
    perf-debuginfo-5.4.258-171.360.amzn2.x86_64
    python-perf-5.4.258-171.360.amzn2.x86_64
    python-perf-debuginfo-5.4.258-171.360.amzn2.x86_64
    kernel-tools-5.4.258-171.360.amzn2.x86_64
    kernel-tools-devel-5.4.258-171.360.amzn2.x86_64
    kernel-tools-debuginfo-5.4.258-171.360.amzn2.x86_64
    bpftool-5.4.258-171.360.amzn2.x86_64
    bpftool-debuginfo-5.4.258-171.360.amzn2.x86_64
    kernel-devel-5.4.258-171.360.amzn2.x86_64
    kernel-debuginfo-5.4.258-171.360.amzn2.x86_64

Additional References

Red Hat: CVE-2023-31085, CVE-2023-34324, CVE-2023-42754, CVE-2023-42756, CVE-2023-52522, CVE-2023-52527, CVE-2023-52528, CVE-2023-52566, CVE-2023-52567, CVE-2023-52573, CVE-2023-52574, CVE-2023-52577, CVE-2023-52578

Mitre: CVE-2023-31085, CVE-2023-34324, CVE-2023-42754, CVE-2023-42756, CVE-2023-52522, CVE-2023-52527, CVE-2023-52528, CVE-2023-52566, CVE-2023-52567, CVE-2023-52573, CVE-2023-52574, CVE-2023-52577, CVE-2023-52578