Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2023-6932

A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1. (CVE-2023-6932)

Source

ALAS-2024-1899

Amazon Linux 1 Security Advisory: ALAS-2024-1899
Advisory Release Date: 2024-01-03 22:37 Pacific
Advisory Updated Date: 2024-01-08 21:23 Pacific

Severity: Important

References: CVE-2023-6932
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.

A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.

We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1. (CVE-2023-6932)

Affected Packages:

kernel

Issue Correction:
"Run yum update kernel to update your system.
"

New Packages:

i686:
    perf-debuginfo-4.14.334-177.552.amzn1.i686
    kernel-tools-devel-4.14.334-177.552.amzn1.i686
    kernel-tools-debuginfo-4.14.334-177.552.amzn1.i686
    kernel-headers-4.14.334-177.552.amzn1.i686
    kernel-4.14.334-177.552.amzn1.i686
    kernel-devel-4.14.334-177.552.amzn1.i686
    kernel-debuginfo-4.14.334-177.552.amzn1.i686
    kernel-tools-4.14.334-177.552.amzn1.i686
    perf-4.14.334-177.552.amzn1.i686
    kernel-debuginfo-common-i686-4.14.334-177.552.amzn1.i686

src:
    kernel-4.14.334-177.552.amzn1.src

x86_64:
    perf-4.14.334-177.552.amzn1.x86_64
    kernel-tools-debuginfo-4.14.334-177.552.amzn1.x86_64
    kernel-tools-4.14.334-177.552.amzn1.x86_64
    kernel-tools-devel-4.14.334-177.552.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.334-177.552.amzn1.x86_64
    kernel-headers-4.14.334-177.552.amzn1.x86_64
    perf-debuginfo-4.14.334-177.552.amzn1.x86_64
    kernel-4.14.334-177.552.amzn1.x86_64
    kernel-devel-4.14.334-177.552.amzn1.x86_64
    kernel-debuginfo-4.14.334-177.552.amzn1.x86_64

Additional References

Red Hat: CVE-2023-6932

Mitre: CVE-2023-6932

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS-2024-1899

ALAS-2024-1899

Additional References

Vulmon Search

About

Products

Connect