Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ALAS2KERNEL-5.10-2023-034

Related Vulnerabilities: CVE-2022-4269   CVE-2023-2156   CVE-2023-3268   CVE-2023-34256   CVE-2023-35788  

A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition. (CVE-2022-4269) A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on the system. (CVE-2023-2156) An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information. (CVE-2023-3268) An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. (CVE-2023-34256) An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation. (CVE-2023-35788)

Source

ALAS2KERNEL-5.10-2023-034

Amazon Linux 2 Security Advisory: ALASKERNEL-5.10-2023-034
Advisory Release Date: 2023-06-21 19:12 Pacific
Advisory Updated Date: 2023-06-29 18:08 Pacific
Severity: Important
Issue Overview:

A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition. (CVE-2022-4269)

A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on the system. (CVE-2023-2156)

An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information. (CVE-2023-3268)

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. (CVE-2023-34256)

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation. (CVE-2023-35788)


Affected Packages:

kernel


Issue Correction:
Run yum update kernel to update your system.

New Packages:
aarch64:
    kernel-5.10.184-174.730.amzn2.aarch64
    kernel-headers-5.10.184-174.730.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.10.184-174.730.amzn2.aarch64
    perf-5.10.184-174.730.amzn2.aarch64
    perf-debuginfo-5.10.184-174.730.amzn2.aarch64
    python-perf-5.10.184-174.730.amzn2.aarch64
    python-perf-debuginfo-5.10.184-174.730.amzn2.aarch64
    kernel-tools-5.10.184-174.730.amzn2.aarch64
    kernel-tools-devel-5.10.184-174.730.amzn2.aarch64
    kernel-tools-debuginfo-5.10.184-174.730.amzn2.aarch64
    bpftool-5.10.184-174.730.amzn2.aarch64
    bpftool-debuginfo-5.10.184-174.730.amzn2.aarch64
    kernel-devel-5.10.184-174.730.amzn2.aarch64
    kernel-debuginfo-5.10.184-174.730.amzn2.aarch64
    kernel-livepatch-5.10.184-174.730-1.0-0.amzn2.aarch64

i686:
    kernel-headers-5.10.184-174.730.amzn2.i686

src:
    kernel-5.10.184-174.730.amzn2.src

x86_64:
    kernel-5.10.184-174.730.amzn2.x86_64
    kernel-headers-5.10.184-174.730.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.10.184-174.730.amzn2.x86_64
    perf-5.10.184-174.730.amzn2.x86_64
    perf-debuginfo-5.10.184-174.730.amzn2.x86_64
    python-perf-5.10.184-174.730.amzn2.x86_64
    python-perf-debuginfo-5.10.184-174.730.amzn2.x86_64
    kernel-tools-5.10.184-174.730.amzn2.x86_64
    kernel-tools-devel-5.10.184-174.730.amzn2.x86_64
    kernel-tools-debuginfo-5.10.184-174.730.amzn2.x86_64
    bpftool-5.10.184-174.730.amzn2.x86_64
    bpftool-debuginfo-5.10.184-174.730.amzn2.x86_64
    kernel-devel-5.10.184-174.730.amzn2.x86_64
    kernel-debuginfo-5.10.184-174.730.amzn2.x86_64
    kernel-livepatch-5.10.184-174.730-1.0-0.amzn2.x86_64

Additional References

Red Hat: CVE-2022-4269, CVE-2023-2156, CVE-2023-3268, CVE-2023-34256, CVE-2023-35788

Mitre: CVE-2022-4269, CVE-2023-2156, CVE-2023-3268, CVE-2023-34256, CVE-2023-35788

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started