Amazon Linux AMI Security Advisory: ALAS-2017-911
Advisory Release Date: 2017-10-12 19:41 Pacific
Advisory Updated Date: 2017-10-13 00:10 Pacific
Potential use-after-free in TLS 1.2 server when verifying client authentication:
A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the application. (CVE-2017-7805)
Run yum update nss to update your system.