ALAS2023-2023-349

Amazon Linux 2023 Security Advisory: ALAS-2023-349
Advisory Release Date: 2023-09-14 00:55 Pacific
Advisory Updated Date: 2023-09-20 21:34 Pacific
Severity: Important
Issue Overview:

KVM: arm64: Prevent unconditional donation of unmapped regions from the host
NOTE: https://source.android.com/docs/security/bulletin/2023-08-01
NOTE: https://git.kernel.org/linus/09cce60bddd6461a93a5bf434265a47827d1bc6f (CVE-2023-21264)

A vulnerability was found due to a missing lock for the IOPOLL in io_cqring_event_overflow() in io_uring.c in the Linux kernel. This flaw allows a local attacker with user privileges to trigger a denial of service. (CVE-2023-2430)


Affected Packages:

kernel


Issue Correction:
Run dnf update kernel --releasever 2023.2.20230920 to update your system.

New Packages:
aarch64:
    kernel-libbpf-static-6.1.52-71.125.amzn2023.aarch64
    kernel-livepatch-6.1.52-71.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-6.1.52-71.125.amzn2023.aarch64
    kernel-tools-devel-6.1.52-71.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.52-71.125.amzn2023.aarch64
    kernel-libbpf-devel-6.1.52-71.125.amzn2023.aarch64
    bpftool-6.1.52-71.125.amzn2023.aarch64
    perf-6.1.52-71.125.amzn2023.aarch64
    perf-debuginfo-6.1.52-71.125.amzn2023.aarch64
    kernel-tools-6.1.52-71.125.amzn2023.aarch64
    python3-perf-6.1.52-71.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.52-71.125.amzn2023.aarch64
    kernel-headers-6.1.52-71.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.52-71.125.amzn2023.aarch64
    kernel-6.1.52-71.125.amzn2023.aarch64
    kernel-debuginfo-6.1.52-71.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.52-71.125.amzn2023.aarch64
    kernel-devel-6.1.52-71.125.amzn2023.aarch64

src:
    kernel-6.1.52-71.125.amzn2023.src

x86_64:
    kernel-livepatch-6.1.52-71.125-1.0-0.amzn2023.x86_64
    bpftool-debuginfo-6.1.52-71.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.52-71.125.amzn2023.x86_64
    kernel-headers-6.1.52-71.125.amzn2023.x86_64
    kernel-libbpf-6.1.52-71.125.amzn2023.x86_64
    kernel-tools-6.1.52-71.125.amzn2023.x86_64
    kernel-tools-devel-6.1.52-71.125.amzn2023.x86_64
    perf-debuginfo-6.1.52-71.125.amzn2023.x86_64
    python3-perf-debuginfo-6.1.52-71.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.52-71.125.amzn2023.x86_64
    bpftool-6.1.52-71.125.amzn2023.x86_64
    kernel-libbpf-devel-6.1.52-71.125.amzn2023.x86_64
    python3-perf-6.1.52-71.125.amzn2023.x86_64
    perf-6.1.52-71.125.amzn2023.x86_64
    kernel-debuginfo-6.1.52-71.125.amzn2023.x86_64
    kernel-6.1.52-71.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.52-71.125.amzn2023.x86_64
    kernel-devel-6.1.52-71.125.amzn2023.x86_64

Additional References

Red Hat: CVE-2023-21264, CVE-2023-2430

Mitre: CVE-2023-21264, CVE-2023-2430