ALAS-2021-1480


Amazon Linux AMI Security Advisory: ALAS-2021-1480
Advisory Release Date: 2021-02-16 00:13 Pacific
Advisory Updated Date: 2021-02-16 22:41 Pacific
Severity: Important

Issue Overview:

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat. (CVE-2020-27825 )

A flaw was found in the Linux kernel's implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store. This flaw allows an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the backing store. The highest threat from this vulnerability is to integrity. In addition, this flaw affects the tcmu-runner package, where the affected SCSI command is called. (CVE-2020-28374 )

** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior. (CVE-2021-3178 )

A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3347 )

nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71. (CVE-2021-3348 )


Affected Packages:

kernel


Issue Correction:
Run yum update kernel to update your system.

New Packages:
i686:
    kernel-4.14.219-119.340.amzn1.i686
    kernel-tools-4.14.219-119.340.amzn1.i686
    kernel-tools-devel-4.14.219-119.340.amzn1.i686
    perf-4.14.219-119.340.amzn1.i686
    perf-debuginfo-4.14.219-119.340.amzn1.i686
    kernel-debuginfo-common-i686-4.14.219-119.340.amzn1.i686
    kernel-headers-4.14.219-119.340.amzn1.i686
    kernel-devel-4.14.219-119.340.amzn1.i686
    kernel-debuginfo-4.14.219-119.340.amzn1.i686
    kernel-tools-debuginfo-4.14.219-119.340.amzn1.i686

src:
    kernel-4.14.219-119.340.amzn1.src

x86_64:
    kernel-headers-4.14.219-119.340.amzn1.x86_64
    kernel-4.14.219-119.340.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.219-119.340.amzn1.x86_64
    kernel-tools-devel-4.14.219-119.340.amzn1.x86_64
    kernel-tools-4.14.219-119.340.amzn1.x86_64
    perf-4.14.219-119.340.amzn1.x86_64
    kernel-devel-4.14.219-119.340.amzn1.x86_64
    kernel-tools-debuginfo-4.14.219-119.340.amzn1.x86_64
    perf-debuginfo-4.14.219-119.340.amzn1.x86_64
    kernel-debuginfo-4.14.219-119.340.amzn1.x86_64