ALAS2LIVEPATCH-2020-011


Amazon Linux 2 Security Advisory: ALASLIVEPATCH-2020-011
Advisory Release Date: 2020-05-29 19:02 Pacific
Advisory Updated Date: 2020-06-03 19:05 Pacific
Severity: Important

Issue Overview:

An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.(CVE-2020-12657)


Affected Packages:

kernel-livepatch-4.14.171-136.231


Issue Correction:
Enable the livepatch extra: amazon-linux-extras enable livepatch
Run yum update kernel-livepatch-4.14.171-136.231 to update your system.

New Packages:
src:
    kernel-livepatch-4.14.171-136.231-1.0-5.amzn2.src

x86_64:
    kernel-livepatch-4.14.171-136.231-1.0-5.amzn2.x86_64
    kernel-livepatch-4.14.171-136.231-debuginfo-1.0-5.amzn2.x86_64