ALAS-2023-461

Amazon Linux 2023 Security Advisory: ALAS-2023-461
Advisory Release Date: 2023-12-13 20:28 Pacific
Advisory Updated Date: 2025-01-30 03:53 Pacific

Severity: Important

References: CVE-2023-52752 CVE-2023-52762 CVE-2023-52772 CVE-2023-52778 CVE-2023-52781 CVE-2023-52784 CVE-2023-52788 CVE-2023-52791 CVE-2023-52796 CVE-2023-52803 CVE-2023-52813 CVE-2023-52828 CVE-2023-52831 CVE-2023-52835 CVE-2023-52837 CVE-2023-52840 CVE-2023-52843 CVE-2023-52846 CVE-2023-52854 CVE-2023-52859 CVE-2023-52860 CVE-2023-52868 CVE-2023-52869 CVE-2023-6111 CVE-2023-6622 CVE-2023-6932 CVE-2024-0584 CVE-2024-0607
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

2025-01-30: CVE-2023-52837 was added to this advisory.

2024-12-05: CVE-2023-52843 was added to this advisory.

2024-12-05: CVE-2023-52859 was added to this advisory.

2024-12-05: CVE-2023-52788 was added to this advisory.

2024-12-05: CVE-2023-52846 was added to this advisory.

2024-12-05: CVE-2023-52868 was added to this advisory.

2024-12-05: CVE-2023-52831 was added to this advisory.

2024-12-05: CVE-2023-52854 was added to this advisory.

2024-12-05: CVE-2023-52869 was added to this advisory.

2024-12-05: CVE-2023-52772 was added to this advisory.

2024-12-05: CVE-2023-52791 was added to this advisory.

2024-12-05: CVE-2023-52781 was added to this advisory.

2024-12-05: CVE-2023-52835 was added to this advisory.

2024-12-05: CVE-2023-52828 was added to this advisory.

2024-11-13: CVE-2023-52752 was added to this advisory.

2024-07-03: CVE-2023-52840 was added to this advisory.

2024-07-03: CVE-2023-6622 was added to this advisory.

2024-07-03: CVE-2023-52813 was added to this advisory.

2024-07-03: CVE-2023-52762 was added to this advisory.

2024-06-19: CVE-2023-52860 was added to this advisory.

2024-06-19: CVE-2023-52796 was added to this advisory.

2024-06-19: CVE-2023-52803 was added to this advisory.

2024-06-19: CVE-2023-52784 was added to this advisory.

2024-06-19: CVE-2023-52778 was added to this advisory.

2024-02-01: CVE-2024-0584 was added to this advisory.

2024-02-01: CVE-2024-0607 was added to this advisory.

2024-01-03: CVE-2023-6932 was added to this advisory.

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (CVE-2023-52752)

In the Linux kernel, the following vulnerability has been resolved:

virtio-blk: fix implicit overflow on virtio_max_dma_size (CVE-2023-52762)

In the Linux kernel, the following vulnerability has been resolved:

af_unix: fix use-after-free in unix_stream_read_actor() (CVE-2023-52772)

In the Linux kernel, the following vulnerability has been resolved:

mptcp: deal with large GSO size (CVE-2023-52778)

In the Linux kernel, the following vulnerability has been resolved:

usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (CVE-2023-52781)

In the Linux kernel, the following vulnerability has been resolved:

bonding: stop the device in bond_setup_by_slave() (CVE-2023-52784)

In the Linux kernel, the following vulnerability has been resolved:

i915/perf: Fix NULL deref bugs with drm_dbg() calls (CVE-2023-52788)

In the Linux kernel, the following vulnerability has been resolved:

i2c: core: Run atomic i2c xfer when !preemptible (CVE-2023-52791)

In the Linux kernel, the following vulnerability has been resolved:

ipvlan: add ipvlan_route_v6_outbound() helper (CVE-2023-52796)

In the Linux kernel, the following vulnerability has been resolved:

SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (CVE-2023-52803)

In the Linux kernel, the following vulnerability has been resolved:

crypto: pcrypt - Fix hungtask for PADATA_RESET (CVE-2023-52813)

In the Linux kernel, the following vulnerability has been resolved:

bpf: Detect IP == ksym.end as part of BPF program (CVE-2023-52828)

In the Linux kernel, the following vulnerability has been resolved:

cpu/hotplug: Don't offline the last non-isolated CPU (CVE-2023-52831)

In the Linux kernel, the following vulnerability has been resolved:

perf/core: Bail out early if the request AUX area is out of bound (CVE-2023-52835)

In the Linux kernel, the following vulnerability has been resolved:

nbd: fix uaf in nbd_open (CVE-2023-52837)

In the Linux kernel, the following vulnerability has been resolved:

Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() (CVE-2023-52840)

In the Linux kernel, the following vulnerability has been resolved:

llc: verify mac len before reading mac header (CVE-2023-52843)

In the Linux kernel, the following vulnerability has been resolved:

hsr: Prevent use after free in prp_create_tagged_frame() (CVE-2023-52846)

In the Linux kernel, the following vulnerability has been resolved:

padata: Fix refcnt handling in padata_free_shell() (CVE-2023-52854)

In the Linux kernel, the following vulnerability has been resolved:

perf: hisi: Fix use-after-free when register pmu fails (CVE-2023-52859)

In the Linux kernel, the following vulnerability has been resolved:

drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process (CVE-2023-52860)

In the Linux kernel, the following vulnerability has been resolved:

thermal: core: prevent potential string overflow (CVE-2023-52868)

In the Linux kernel, the following vulnerability has been resolved:

pstore/platform: Add check for kstrdup (CVE-2023-52869)

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a catchall set element many times.

We recommend upgrading past commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630. (CVE-2023-6111)

A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service. (CVE-2023-6622)

A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.

A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.

We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1. (CVE-2023-6932)

A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak. (CVE-2024-0584)

netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() (CVE-2024-0607)

Affected Packages:

kernel

Issue Correction:
Run dnf update kernel --releasever 2023.3.20231211 to update your system.

New Packages:

aarch64:
    kernel-libbpf-6.1.66-91.160.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.66-91.160.amzn2023.aarch64
    kernel-tools-devel-6.1.66-91.160.amzn2023.aarch64
    kernel-libbpf-devel-6.1.66-91.160.amzn2023.aarch64
    python3-perf-6.1.66-91.160.amzn2023.aarch64
    perf-6.1.66-91.160.amzn2023.aarch64
    python3-perf-debuginfo-6.1.66-91.160.amzn2023.aarch64
    kernel-headers-6.1.66-91.160.amzn2023.aarch64
    bpftool-debuginfo-6.1.66-91.160.amzn2023.aarch64
    kernel-tools-6.1.66-91.160.amzn2023.aarch64
    bpftool-6.1.66-91.160.amzn2023.aarch64
    kernel-modules-extra-6.1.66-91.160.amzn2023.aarch64
    perf-debuginfo-6.1.66-91.160.amzn2023.aarch64
    kernel-livepatch-6.1.66-91.160-1.0-0.amzn2023.aarch64
    kernel-libbpf-static-6.1.66-91.160.amzn2023.aarch64
    kernel-debuginfo-6.1.66-91.160.amzn2023.aarch64
    kernel-6.1.66-91.160.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.66-91.160.amzn2023.aarch64
    kernel-devel-6.1.66-91.160.amzn2023.aarch64

src:
    kernel-6.1.66-91.160.amzn2023.src

x86_64:
    python3-perf-6.1.66-91.160.amzn2023.x86_64
    kernel-libbpf-6.1.66-91.160.amzn2023.x86_64
    kernel-livepatch-6.1.66-91.160-1.0-0.amzn2023.x86_64
    kernel-tools-devel-6.1.66-91.160.amzn2023.x86_64
    bpftool-6.1.66-91.160.amzn2023.x86_64
    perf-debuginfo-6.1.66-91.160.amzn2023.x86_64
    python3-perf-debuginfo-6.1.66-91.160.amzn2023.x86_64
    perf-6.1.66-91.160.amzn2023.x86_64
    bpftool-debuginfo-6.1.66-91.160.amzn2023.x86_64
    kernel-modules-extra-6.1.66-91.160.amzn2023.x86_64
    kernel-libbpf-static-6.1.66-91.160.amzn2023.x86_64
    kernel-headers-6.1.66-91.160.amzn2023.x86_64
    kernel-tools-6.1.66-91.160.amzn2023.x86_64
    kernel-libbpf-devel-6.1.66-91.160.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.66-91.160.amzn2023.x86_64
    kernel-debuginfo-6.1.66-91.160.amzn2023.x86_64
    kernel-6.1.66-91.160.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.66-91.160.amzn2023.x86_64
    kernel-devel-6.1.66-91.160.amzn2023.x86_64

Additional References

Red Hat: CVE-2023-52752, CVE-2023-52762, CVE-2023-52772, CVE-2023-52778, CVE-2023-52781, CVE-2023-52784, CVE-2023-52788, CVE-2023-52791, CVE-2023-52796, CVE-2023-52803, CVE-2023-52813, CVE-2023-52828, CVE-2023-52831, CVE-2023-52835, CVE-2023-52837, CVE-2023-52840, CVE-2023-52843, CVE-2023-52846, CVE-2023-52854, CVE-2023-52859, CVE-2023-52860, CVE-2023-52868, CVE-2023-52869, CVE-2023-6111, CVE-2023-6622, CVE-2023-6932, CVE-2024-0584, CVE-2024-0607

Mitre: CVE-2023-52752, CVE-2023-52762, CVE-2023-52772, CVE-2023-52778, CVE-2023-52781, CVE-2023-52784, CVE-2023-52788, CVE-2023-52791, CVE-2023-52796, CVE-2023-52803, CVE-2023-52813, CVE-2023-52828, CVE-2023-52831, CVE-2023-52835, CVE-2023-52837, CVE-2023-52840, CVE-2023-52843, CVE-2023-52846, CVE-2023-52854, CVE-2023-52859, CVE-2023-52860, CVE-2023-52868, CVE-2023-52869, CVE-2023-6111, CVE-2023-6622, CVE-2023-6932, CVE-2024-0584, CVE-2024-0607