Amazon Linux 2 Security Advisory: ALASLIVEPATCH-2024-188
Advisory Release Date: 2024-08-14 19:05 Pacific
Advisory Updated Date: 2024-08-21 12:20 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
In the Linux kernel, the following vulnerability has been resolved:
scsi: core: Fix a use-after-free (CVE-2022-48666)
kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)
kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)
Affected Packages:
kernel-livepatch-5.10.217-205.860
Issue Correction:
Run yum update kernel-livepatch-5.10.217-205.860 to update your system.
aarch64:
kernel-livepatch-5.10.217-205.860-1.0-2.amzn2.aarch64
kernel-livepatch-5.10.217-205.860-debuginfo-1.0-2.amzn2.aarch64
src:
kernel-livepatch-5.10.217-205.860-1.0-2.amzn2.src
x86_64:
kernel-livepatch-5.10.217-205.860-1.0-2.amzn2.x86_64
kernel-livepatch-5.10.217-205.860-debuginfo-1.0-2.amzn2.x86_64