Amazon Linux 2 Security Advisory: ALASKERNEL-5.4-2024-068
Advisory Release Date: 2024-05-23 23:02 Pacific
Advisory Updated Date: 2024-12-05 01:00 Pacific
2024-12-05: CVE-2024-26754 was added to this advisory.
2024-12-05: CVE-2024-27414 was added to this advisory.
2024-09-12: CVE-2024-35807 was added to this advisory.
2024-09-12: CVE-2024-27413 was added to this advisory.
2024-08-27: CVE-2024-26773 was added to this advisory.
2024-08-27: CVE-2024-26840 was added to this advisory.
2024-08-27: CVE-2024-26752 was added to this advisory.
2024-08-27: CVE-2024-26751 was added to this advisory.
2024-08-27: CVE-2024-26835 was added to this advisory.
2024-08-27: CVE-2024-26688 was added to this advisory.
2024-08-27: CVE-2024-26804 was added to this advisory.
2024-08-27: CVE-2024-26772 was added to this advisory.
2024-08-27: CVE-2024-26763 was added to this advisory.
2024-08-27: CVE-2024-26805 was added to this advisory.
2024-08-27: CVE-2024-26764 was added to this advisory.
2024-08-27: CVE-2024-26735 was added to this advisory.
2024-08-27: CVE-2024-26848 was added to this advisory.
2024-08-27: CVE-2024-26793 was added to this advisory.
2024-08-27: CVE-2024-26791 was added to this advisory.
2024-08-27: CVE-2024-26845 was added to this advisory.
2024-07-03: CVE-2023-52504 was added to this advisory.
2024-07-03: CVE-2024-0841 was added to this advisory.
2024-06-06: CVE-2024-27417 was added to this advisory.
In the Linux kernel, the following vulnerability has been resolved:
x86/alternatives: Disable KASAN in apply_alternatives() (CVE-2023-52504)
A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. (CVE-2024-0841)
In the Linux kernel, the following vulnerability has been resolved:
fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (CVE-2024-26688)
In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735)
In the Linux kernel, the following vulnerability has been resolved:
afs: Increase buffer size in afs_update_volume_status()
The max length of volume->vid value is 20 characters. So increase idbuf[] size up to 24 to avoid overflow.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
[DH: Actually, it's 20 + NUL, so increase it to 24 and use snprintf()] (CVE-2024-26736)
In the Linux kernel, the following vulnerability has been resolved:
ARM: ep93xx: Add terminator to gpiod_lookup_table (CVE-2024-26751)
In the Linux kernel, the following vulnerability has been resolved:
l2tp: pass correct message length to ip6_append_data (CVE-2024-26752)
In the Linux kernel, the following vulnerability has been resolved:
gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() (CVE-2024-26754)
In the Linux kernel, the following vulnerability has been resolved:
dm-crypt: don't modify the data when using authenticated encryption (CVE-2024-26763)
In the Linux kernel, the following vulnerability has been resolved:
fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio (CVE-2024-26764)
In the Linux kernel, the following vulnerability has been resolved:
ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (CVE-2024-26772)
In the Linux kernel, the following vulnerability has been resolved:
ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (CVE-2024-26773)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: dev-replace: properly validate device names (CVE-2024-26791)
In the Linux kernel, the following vulnerability has been resolved:
gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (CVE-2024-26793)
In the Linux kernel, the following vulnerability has been resolved:
net: ip_tunnel: prevent perpetual headroom growth (CVE-2024-26804)
In the Linux kernel, the following vulnerability has been resolved:
netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter (CVE-2024-26805)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: set dormant flag on hook register failure (CVE-2024-26835)
In the Linux kernel, the following vulnerability has been resolved:
cachefiles: fix memory leak in cachefiles_add_cache() (CVE-2024-26840)
In the Linux kernel, the following vulnerability has been resolved:
scsi: target: core: Add TMF to tmr_list handling (CVE-2024-26845)
In the Linux kernel, the following vulnerability has been resolved:
afs: Fix endless loop in directory parsing (CVE-2024-26848)
In the Linux kernel, the following vulnerability has been resolved:
efi/capsule-loader: fix incorrect allocation size (CVE-2024-27413)
In the Linux kernel, the following vulnerability has been resolved:
rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back (CVE-2024-27414)
In the Linux kernel, the following vulnerability has been resolved:
ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() (CVE-2024-27417)
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix corruption during on-line resize (CVE-2024-35807)
Affected Packages:
kernel
Note:
This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update kernel to update your system.
aarch64:
kernel-5.4.271-184.369.amzn2.aarch64
kernel-headers-5.4.271-184.369.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.4.271-184.369.amzn2.aarch64
perf-5.4.271-184.369.amzn2.aarch64
perf-debuginfo-5.4.271-184.369.amzn2.aarch64
python-perf-5.4.271-184.369.amzn2.aarch64
python-perf-debuginfo-5.4.271-184.369.amzn2.aarch64
kernel-tools-5.4.271-184.369.amzn2.aarch64
kernel-tools-devel-5.4.271-184.369.amzn2.aarch64
kernel-tools-debuginfo-5.4.271-184.369.amzn2.aarch64
bpftool-5.4.271-184.369.amzn2.aarch64
bpftool-debuginfo-5.4.271-184.369.amzn2.aarch64
kernel-devel-5.4.271-184.369.amzn2.aarch64
kernel-debuginfo-5.4.271-184.369.amzn2.aarch64
i686:
kernel-headers-5.4.271-184.369.amzn2.i686
src:
kernel-5.4.271-184.369.amzn2.src
x86_64:
kernel-5.4.271-184.369.amzn2.x86_64
kernel-headers-5.4.271-184.369.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.4.271-184.369.amzn2.x86_64
perf-5.4.271-184.369.amzn2.x86_64
perf-debuginfo-5.4.271-184.369.amzn2.x86_64
python-perf-5.4.271-184.369.amzn2.x86_64
python-perf-debuginfo-5.4.271-184.369.amzn2.x86_64
kernel-tools-5.4.271-184.369.amzn2.x86_64
kernel-tools-devel-5.4.271-184.369.amzn2.x86_64
kernel-tools-debuginfo-5.4.271-184.369.amzn2.x86_64
bpftool-5.4.271-184.369.amzn2.x86_64
bpftool-debuginfo-5.4.271-184.369.amzn2.x86_64
kernel-devel-5.4.271-184.369.amzn2.x86_64
kernel-debuginfo-5.4.271-184.369.amzn2.x86_64
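A check to run after the update step under Issue Correction, as an added example that is not part of the original advisory: it compares a kernel release string with the fixed build 5.4.271-184.369.amzn2 listed above. The function names and the sample release strings are constructed for illustration; on a host, pass "$(uname -r)", which reports the running kernel and keeps showing the old build until the instance is rebooted.

```shell
#!/bin/sh
# Added example: compare a kernel release string with the fixed build named
# in this advisory. Handles only amzn2-style "X.Y.Z-A.B.amzn2[.arch]" strings.
FIXED="5.4.271-184.369.amzn2"

# Drop the ".amzn2" dist tag and any ".<arch>" suffix (as printed by uname -r).
strip_release() {
  printf '%s\n' "$1" | sed 's/\.amzn2.*$//'
}

# ver_ge A B: succeed if A >= B, comparing dot/dash separated numeric fields.
ver_ge() {
  a=$(printf '%s' "$1" | tr '.-' '  ')
  b=$(printf '%s' "$2" | tr '.-' '  ')
  set -- $a
  for want in $b; do
    have=${1:-0}
    if [ "$have" -gt "$want" ]; then return 0; fi
    if [ "$have" -lt "$want" ]; then return 1; fi
    if [ $# -gt 0 ]; then shift; fi
  done
  return 0
}

# kernel_is_fixed RELEASE: succeed if RELEASE is at or above the fixed build.
kernel_is_fixed() {
  ver_ge "$(strip_release "$1")" "$(strip_release "$FIXED")"
}

# Constructed sample release strings (not taken from the advisory), standing in
# for the output of `uname -r` on three different hosts.
for rel in 5.4.268-181.368.amzn2.x86_64 \
           5.4.271-184.369.amzn2.aarch64 \
           5.4.277-196.379.amzn2.x86_64; do
  if kernel_is_fixed "$rel"; then
    echo "$rel: at or above $FIXED"
  else
    echo "$rel: below $FIXED, update the kernel package and reboot"
  fi
done
```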