Amazon Linux 2 Security Advisory: ALASKERNEL-5.4-2023-055
Advisory Release Date: 2023-10-31 00:16 Pacific
Advisory Updated Date: 2023-11-01 00:49 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. (CVE-2023-31085)
A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests. (CVE-2023-34324)
ipv4: fix null-deref in ipv4_link_failure
NOTE: https://www.openwall.com/lists/oss-security/2023/10/02/8
NOTE: https://git.kernel.org/linus/0113d9c9d1ccc07f5a3710dac4aa24b6d711278c (6.6-rc3) (CVE-2023-42754)
Affected Packages:
kernel
Issue Correction:
Run yum update kernel to update your system.
aarch64:
kernel-5.4.258-171.360.amzn2.aarch64
kernel-headers-5.4.258-171.360.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.4.258-171.360.amzn2.aarch64
perf-5.4.258-171.360.amzn2.aarch64
perf-debuginfo-5.4.258-171.360.amzn2.aarch64
python-perf-5.4.258-171.360.amzn2.aarch64
python-perf-debuginfo-5.4.258-171.360.amzn2.aarch64
kernel-tools-5.4.258-171.360.amzn2.aarch64
kernel-tools-devel-5.4.258-171.360.amzn2.aarch64
kernel-tools-debuginfo-5.4.258-171.360.amzn2.aarch64
bpftool-5.4.258-171.360.amzn2.aarch64
bpftool-debuginfo-5.4.258-171.360.amzn2.aarch64
kernel-devel-5.4.258-171.360.amzn2.aarch64
kernel-debuginfo-5.4.258-171.360.amzn2.aarch64
i686:
kernel-headers-5.4.258-171.360.amzn2.i686
src:
kernel-5.4.258-171.360.amzn2.src
x86_64:
kernel-5.4.258-171.360.amzn2.x86_64
kernel-headers-5.4.258-171.360.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.4.258-171.360.amzn2.x86_64
perf-5.4.258-171.360.amzn2.x86_64
perf-debuginfo-5.4.258-171.360.amzn2.x86_64
python-perf-5.4.258-171.360.amzn2.x86_64
python-perf-debuginfo-5.4.258-171.360.amzn2.x86_64
kernel-tools-5.4.258-171.360.amzn2.x86_64
kernel-tools-devel-5.4.258-171.360.amzn2.x86_64
kernel-tools-debuginfo-5.4.258-171.360.amzn2.x86_64
bpftool-5.4.258-171.360.amzn2.x86_64
bpftool-debuginfo-5.4.258-171.360.amzn2.x86_64
kernel-devel-5.4.258-171.360.amzn2.x86_64
kernel-debuginfo-5.4.258-171.360.amzn2.x86_64