Amazon Linux 2023 Security Advisory: ALAS-2024-517
Advisory Release Date: 2024-02-15 02:51 Pacific
Advisory Updated Date: 2024-08-14 19:14 Pacific
2024-08-14: CVE-2023-52621 was added to this advisory.
2024-08-14: CVE-2023-52623 was added to this advisory.
2024-08-14: CVE-2024-26671 was added to this advisory.
2024-08-14: CVE-2023-52622 was added to this advisory.
2024-08-14: CVE-2024-26673 was added to this advisory.
2024-08-14: CVE-2024-26644 was added to this advisory.
2024-08-14: CVE-2024-26808 was added to this advisory.
2024-08-01: CVE-2024-26972 was added to this advisory.
2024-07-03: CVE-2023-52619 was added to this advisory.
2024-07-03: CVE-2024-26626 was added to this advisory.
2024-07-03: CVE-2024-26635 was added to this advisory.
2024-07-03: CVE-2023-52614 was added to this advisory.
2024-07-03: CVE-2023-52615 was added to this advisory.
2024-07-03: CVE-2024-26640 was added to this advisory.
2024-07-03: CVE-2024-26634 was added to this advisory.
2024-07-03: CVE-2024-26641 was added to this advisory.
2024-07-03: CVE-2024-26627 was added to this advisory.
2024-07-03: CVE-2023-52583 was added to this advisory.
2024-07-03: CVE-2024-26638 was added to this advisory.
2024-06-06: CVE-2023-52498 was added to this advisory.
2024-06-06: CVE-2023-52489 was added to this advisory.
2024-06-06: CVE-2024-26614 was added to this advisory.
2024-06-06: CVE-2023-52486 was added to this advisory.
2024-06-06: CVE-2023-52672 was added to this advisory.
2024-06-06: CVE-2024-26612 was added to this advisory.
2024-06-06: CVE-2023-52492 was added to this advisory.
2024-05-23: CVE-2024-26625 was added to this advisory.
2024-05-23: CVE-2024-26668 was added to this advisory.
2024-02-29: CVE-2024-1086 was added to this advisory.
In the Linux kernel, the following vulnerability has been resolved:
drm: Don't unref the same fb many times by mistake due to deadlock handling (CVE-2023-52486)
In the Linux kernel, the following vulnerability has been resolved:
mm/sparsemem: fix race in accessing memory_section->usage (CVE-2023-52489)
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: fix NULL pointer in channel unregistration function (CVE-2023-52492)
In the Linux kernel, the following vulnerability has been resolved:
PM: sleep: Fix possible deadlocks in core system-wide PM code (CVE-2023-52498)
In the Linux kernel, the following vulnerability has been resolved:
ceph: fix deadlock or deadcode of misusing dget() (CVE-2023-52583)
In the Linux kernel, the following vulnerability has been resolved:
PM / devfreq: Fix buffer overflow in trans_stat_show (CVE-2023-52614)
In the Linux kernel, the following vulnerability has been resolved:
hwrng: core - Fix page fault dead lock on mmap-ed hwrng (CVE-2023-52615)
In the Linux kernel, the following vulnerability has been resolved:
pstore/ram: Fix crash when setting number of cpus to an odd number (CVE-2023-52619)
In the Linux kernel, the following vulnerability has been resolved:
bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers (CVE-2023-52621)
In the Linux kernel, the following vulnerability has been resolved:
ext4: avoid online resizing failures due to oversized flex bg (CVE-2023-52622)
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: Fix a suspicious RCU usage warning (CVE-2023-52623)
In the Linux kernel, the following vulnerability has been resolved:
pipe: wakeup wr_wait after setting max_usage (CVE-2023-52672)
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.
We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. (CVE-2024-1086)
In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access. (CVE-2024-23849)
In the Linux kernel, the following vulnerability has been resolved:
netfs, fscache: Prevent Oops in fscache_put_cache() (CVE-2024-26612)
In the Linux kernel, the following vulnerability has been resolved:
tcp: make sure init the accept_queue's spinlocks once (CVE-2024-26614)
In the Linux kernel, the following vulnerability has been resolved:
llc: call sock_orphan() at release time (CVE-2024-26625)
In the Linux kernel, the following vulnerability has been resolved:
ipmr: fix kernel panic when forwarding mcast packets (CVE-2024-26626)
In the Linux kernel, the following vulnerability has been resolved:
scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler (CVE-2024-26627)
In the Linux kernel, the following vulnerability has been resolved:
net: fix removing a namespace with conflicting altnames (CVE-2024-26634)
In the Linux kernel, the following vulnerability has been resolved:
llc: Drop support for ETH_P_TR_802_2. (CVE-2024-26635)
In the Linux kernel, the following vulnerability has been resolved:
nbd: always initialize struct msghdr completely (CVE-2024-26638)
In the Linux kernel, the following vulnerability has been resolved:
tcp: add sanity checks to rx zerocopy (CVE-2024-26640)
In the Linux kernel, the following vulnerability has been resolved:
ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (CVE-2024-26641)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: don't abort filesystem when attempting to snapshot deleted subvolume (CVE-2024-26644)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_limit: reject configurations that cause integer overflow (CVE-2024-26668)
In the Linux kernel, the following vulnerability has been resolved:
blk-mq: fix IO hang from sbitmap wakeup race (CVE-2024-26671)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations (CVE-2024-26673)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (CVE-2024-26808)
In the Linux kernel, the following vulnerability has been resolved:
ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path (CVE-2024-26972)
Affected Packages:
kernel
Issue Correction:
Run dnf update kernel --releasever 2023.3.20240219 to update your system.
aarch64:
python3-perf-6.1.77-99.164.amzn2023.aarch64
perf-debuginfo-6.1.77-99.164.amzn2023.aarch64
kernel-tools-devel-6.1.77-99.164.amzn2023.aarch64
kernel-livepatch-6.1.77-99.164-1.0-0.amzn2023.aarch64
bpftool-debuginfo-6.1.77-99.164.amzn2023.aarch64
kernel-tools-debuginfo-6.1.77-99.164.amzn2023.aarch64
python3-perf-debuginfo-6.1.77-99.164.amzn2023.aarch64
kernel-libbpf-6.1.77-99.164.amzn2023.aarch64
perf-6.1.77-99.164.amzn2023.aarch64
kernel-libbpf-devel-6.1.77-99.164.amzn2023.aarch64
bpftool-6.1.77-99.164.amzn2023.aarch64
kernel-modules-extra-common-6.1.77-99.164.amzn2023.aarch64
kernel-tools-6.1.77-99.164.amzn2023.aarch64
kernel-libbpf-static-6.1.77-99.164.amzn2023.aarch64
kernel-6.1.77-99.164.amzn2023.aarch64
kernel-headers-6.1.77-99.164.amzn2023.aarch64
kernel-debuginfo-6.1.77-99.164.amzn2023.aarch64
kernel-modules-extra-6.1.77-99.164.amzn2023.aarch64
kernel-debuginfo-common-aarch64-6.1.77-99.164.amzn2023.aarch64
kernel-devel-6.1.77-99.164.amzn2023.aarch64
src:
kernel-6.1.77-99.164.amzn2023.src
x86_64:
kernel-tools-debuginfo-6.1.77-99.164.amzn2023.x86_64
perf-debuginfo-6.1.77-99.164.amzn2023.x86_64
perf-6.1.77-99.164.amzn2023.x86_64
kernel-modules-extra-6.1.77-99.164.amzn2023.x86_64
kernel-libbpf-static-6.1.77-99.164.amzn2023.x86_64
kernel-livepatch-6.1.77-99.164-1.0-0.amzn2023.x86_64
bpftool-6.1.77-99.164.amzn2023.x86_64
bpftool-debuginfo-6.1.77-99.164.amzn2023.x86_64
kernel-modules-extra-common-6.1.77-99.164.amzn2023.x86_64
kernel-libbpf-devel-6.1.77-99.164.amzn2023.x86_64
kernel-headers-6.1.77-99.164.amzn2023.x86_64
python3-perf-6.1.77-99.164.amzn2023.x86_64
kernel-tools-devel-6.1.77-99.164.amzn2023.x86_64
kernel-libbpf-6.1.77-99.164.amzn2023.x86_64
kernel-debuginfo-6.1.77-99.164.amzn2023.x86_64
python3-perf-debuginfo-6.1.77-99.164.amzn2023.x86_64
kernel-tools-6.1.77-99.164.amzn2023.x86_64
kernel-6.1.77-99.164.amzn2023.x86_64
kernel-debuginfo-common-x86_64-6.1.77-99.164.amzn2023.x86_64
kernel-devel-6.1.77-99.164.amzn2023.x86_64
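
An added example, not part of the advisory: a shell check that the running kernel is at or past the fixed build 6.1.77-99.164 from the package list above, because a kernel installed by dnf is not the running kernel until the host boots into it. It approximates RPM version comparison with GNU sort -V (an assumption that holds for numeric version-release strings like these); the function names are illustrative.

```shell
#!/bin/sh
# Fixed kernel version-release, taken from the advisory's package list.
FIXED="6.1.77-99.164"

# Strip the ".amzn2023[.<arch>]" suffix from a kernel release string.
strip_release() {
    printf '%s\n' "$1" | sed -E 's/\.amzn2023(\.[A-Za-z0-9_]+)?$//'
}

# Return 0 if $1 is at or past FIXED, 1 if older, 2 if not a version string.
# Assumption: sort -V ordering stands in for rpm's own version comparison.
is_fixed() {
    v=$(strip_release "$1")
    case "$v" in
        [0-9]*) ;;
        *) return 2 ;;
    esac
    lowest=$(printf '%s\n%s\n' "$FIXED" "$v" | sort -V | head -n 1)
    [ "$lowest" = "$FIXED" ]
}

# Report on the running kernel; if it is older, look for an installed
# fixed kernel that has not been booted yet.
check_host() {
    running=$(uname -r)
    if is_fixed "$running"; then
        echo "running kernel $running: at or past $FIXED"
        return 0
    fi
    echo "running kernel $running: older than $FIXED"
    if command -v rpm >/dev/null 2>&1 && rpm -q kernel >/dev/null 2>&1; then
        for k in $(rpm -q kernel --qf '%{VERSION}-%{RELEASE}\n'); do
            is_fixed "$k" && echo "installed kernel $k is fixed: reboot to activate it"
        done
    fi
    return 1
}

# Run the host check only when asked, e.g.: sh check_alas.sh --check
if [ "${1:-}" = "--check" ]; then
    check_host
fi
```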