Amazon Linux 1 Security Advisory: ALAS-2015-626
Advisory Release Date: 2015-12-14 10:00 Pacific
Advisory Updated Date: 2015-12-13 14:25 Pacific
It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system.
Affected Packages:
autofs
Issue Correction:
Run yum update autofs to update your system.
i686:
autofs-5.0.7-54.22.amzn1.i686
autofs-debuginfo-5.0.7-54.22.amzn1.i686
src:
autofs-5.0.7-54.22.amzn1.src
x86_64:
autofs-5.0.7-54.22.amzn1.x86_64
autofs-debuginfo-5.0.7-54.22.amzn1.x86_64