Amazon Linux 2023 Security Advisory: ALAS-2024-765
Advisory Release Date: 2024-11-13 12:28 Pacific
Advisory Updated Date: 2024-12-05 20:34 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
2024-12-05: CVE-2023-52751 was added to this advisory.
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix use-after-free in smb2_query_info_compound() (CVE-2023-52751)
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_sock: Fix not validating setsockopt user input (CVE-2024-35963)
In the Linux kernel, the following vulnerability has been resolved:
vfio/pci: fix potential memory leak in vfio_intx_enable() (CVE-2024-38632)
In the Linux kernel, the following vulnerability has been resolved:
selinux,smack: don't bypass permissions check in inode_setsecctx hook (CVE-2024-46695)
syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on the four reserved tcp bits (th->res1)
Use skb_put_zero() to clear the whole TCP header, as done in nf_reject_ip_tcphdr_put() (CVE-2024-47685)
Affected Packages:
kernel
Issue Correction:
Run dnf update kernel --releasever 2023.6.20241111 to update your system.
System reboot is required in order to complete this update.
aarch64:
kernel-libbpf-static-6.1.115-126.197.amzn2023.aarch64
kernel-modules-extra-6.1.115-126.197.amzn2023.aarch64
bpftool-6.1.115-126.197.amzn2023.aarch64
python3-perf-debuginfo-6.1.115-126.197.amzn2023.aarch64
kernel-libbpf-6.1.115-126.197.amzn2023.aarch64
kernel-libbpf-devel-6.1.115-126.197.amzn2023.aarch64
kernel-tools-6.1.115-126.197.amzn2023.aarch64
kernel-tools-debuginfo-6.1.115-126.197.amzn2023.aarch64
perf-6.1.115-126.197.amzn2023.aarch64
python3-perf-6.1.115-126.197.amzn2023.aarch64
kernel-tools-devel-6.1.115-126.197.amzn2023.aarch64
bpftool-debuginfo-6.1.115-126.197.amzn2023.aarch64
kernel-headers-6.1.115-126.197.amzn2023.aarch64
kernel-modules-extra-common-6.1.115-126.197.amzn2023.aarch64
kernel-6.1.115-126.197.amzn2023.aarch64
kernel-livepatch-6.1.115-126.197-1.0-0.amzn2023.aarch64
perf-debuginfo-6.1.115-126.197.amzn2023.aarch64
kernel-debuginfo-6.1.115-126.197.amzn2023.aarch64
kernel-debuginfo-common-aarch64-6.1.115-126.197.amzn2023.aarch64
kernel-devel-6.1.115-126.197.amzn2023.aarch64
src:
kernel-6.1.115-126.197.amzn2023.src
x86_64:
bpftool-debuginfo-6.1.115-126.197.amzn2023.x86_64
kernel-tools-devel-6.1.115-126.197.amzn2023.x86_64
python3-perf-debuginfo-6.1.115-126.197.amzn2023.x86_64
kernel-livepatch-6.1.115-126.197-1.0-0.amzn2023.x86_64
bpftool-6.1.115-126.197.amzn2023.x86_64
kernel-modules-extra-common-6.1.115-126.197.amzn2023.x86_64
perf-6.1.115-126.197.amzn2023.x86_64
kernel-libbpf-devel-6.1.115-126.197.amzn2023.x86_64
kernel-libbpf-6.1.115-126.197.amzn2023.x86_64
perf-debuginfo-6.1.115-126.197.amzn2023.x86_64
kernel-tools-6.1.115-126.197.amzn2023.x86_64
kernel-libbpf-static-6.1.115-126.197.amzn2023.x86_64
kernel-modules-extra-6.1.115-126.197.amzn2023.x86_64
kernel-tools-debuginfo-6.1.115-126.197.amzn2023.x86_64
python3-perf-6.1.115-126.197.amzn2023.x86_64
kernel-headers-6.1.115-126.197.amzn2023.x86_64
kernel-debuginfo-6.1.115-126.197.amzn2023.x86_64
kernel-6.1.115-126.197.amzn2023.x86_64
kernel-debuginfo-common-x86_64-6.1.115-126.197.amzn2023.x86_64
kernel-devel-6.1.115-126.197.amzn2023.x86_64