Amazon Linux 2 Security Advisory: ALASKERNEL-5.10-2023-026
Advisory Release Date: 2023-01-31 20:02 Pacific
Advisory Updated Date: 2023-02-08 22:43 Pacific
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c. (CVE-2022-47929)
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. (CVE-2023-0179)
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. (CVE-2023-0394)
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23454)
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23455)
Affected Packages:
kernel
Issue Correction:
pkg_manager = 'yum'Run update kernel to update your system.
aarch64:
kernel-5.10.165-143.735.amzn2.aarch64
kernel-headers-5.10.165-143.735.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.10.165-143.735.amzn2.aarch64
perf-5.10.165-143.735.amzn2.aarch64
perf-debuginfo-5.10.165-143.735.amzn2.aarch64
python-perf-5.10.165-143.735.amzn2.aarch64
python-perf-debuginfo-5.10.165-143.735.amzn2.aarch64
kernel-tools-5.10.165-143.735.amzn2.aarch64
kernel-tools-devel-5.10.165-143.735.amzn2.aarch64
kernel-tools-debuginfo-5.10.165-143.735.amzn2.aarch64
bpftool-5.10.165-143.735.amzn2.aarch64
bpftool-debuginfo-5.10.165-143.735.amzn2.aarch64
kernel-devel-5.10.165-143.735.amzn2.aarch64
kernel-debuginfo-5.10.165-143.735.amzn2.aarch64
kernel-livepatch-5.10.165-143.735-1.0-0.amzn2.aarch64
i686:
kernel-headers-5.10.165-143.735.amzn2.i686
src:
kernel-5.10.165-143.735.amzn2.src
x86_64:
kernel-5.10.165-143.735.amzn2.x86_64
kernel-headers-5.10.165-143.735.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.10.165-143.735.amzn2.x86_64
perf-5.10.165-143.735.amzn2.x86_64
perf-debuginfo-5.10.165-143.735.amzn2.x86_64
python-perf-5.10.165-143.735.amzn2.x86_64
python-perf-debuginfo-5.10.165-143.735.amzn2.x86_64
kernel-tools-5.10.165-143.735.amzn2.x86_64
kernel-tools-devel-5.10.165-143.735.amzn2.x86_64
kernel-tools-debuginfo-5.10.165-143.735.amzn2.x86_64
bpftool-5.10.165-143.735.amzn2.x86_64
bpftool-debuginfo-5.10.165-143.735.amzn2.x86_64
kernel-devel-5.10.165-143.735.amzn2.x86_64
kernel-debuginfo-5.10.165-143.735.amzn2.x86_64
kernel-livepatch-5.10.165-143.735-1.0-0.amzn2.x86_64