ALAS2KERNEL-5.15-2023-013

Related Vulnerabilities: CVE-2022-47929, CVE-2022-4842, CVE-2023-0179, CVE-2023-0394, CVE-2023-23454, CVE-2023-23455

Amazon Linux 2 Security Advisory: ALASKERNEL-5.15-2023-013
Advisory Release Date: 2023-01-31 20:02 Pacific
Advisory Updated Date: 2023-02-08 22:42 Pacific
Severity: Medium

Issue Overview:

In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c. (CVE-2022-47929)

In Linux kernel v5.15 and up there is a NULL Pointer Dereference vulnerability in the NTFS3 driver in the function attr_punch_hole() in fs/ntfs3/attrib.c that could be triggered by any user. (CVE-2022-4842)

A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. (CVE-2023-0179)

A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. (CVE-2023-0394)

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23454)

atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23455)


Affected Packages:

kernel


Issue Correction:
Run yum update kernel to update your system.

New Packages:
aarch64:
    kernel-5.15.90-54.138.amzn2.aarch64
    kernel-headers-5.15.90-54.138.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.15.90-54.138.amzn2.aarch64
    perf-5.15.90-54.138.amzn2.aarch64
    perf-debuginfo-5.15.90-54.138.amzn2.aarch64
    python-perf-5.15.90-54.138.amzn2.aarch64
    python-perf-debuginfo-5.15.90-54.138.amzn2.aarch64
    kernel-tools-5.15.90-54.138.amzn2.aarch64
    kernel-tools-devel-5.15.90-54.138.amzn2.aarch64
    kernel-tools-debuginfo-5.15.90-54.138.amzn2.aarch64
    bpftool-5.15.90-54.138.amzn2.aarch64
    bpftool-debuginfo-5.15.90-54.138.amzn2.aarch64
    kernel-devel-5.15.90-54.138.amzn2.aarch64
    kernel-debuginfo-5.15.90-54.138.amzn2.aarch64
    kernel-livepatch-5.15.90-54.138-1.0-0.amzn2.aarch64

i686:
    kernel-headers-5.15.90-54.138.amzn2.i686

src:
    kernel-5.15.90-54.138.amzn2.src

x86_64:
    kernel-5.15.90-54.138.amzn2.x86_64
    kernel-headers-5.15.90-54.138.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.15.90-54.138.amzn2.x86_64
    perf-5.15.90-54.138.amzn2.x86_64
    perf-debuginfo-5.15.90-54.138.amzn2.x86_64
    python-perf-5.15.90-54.138.amzn2.x86_64
    python-perf-debuginfo-5.15.90-54.138.amzn2.x86_64
    kernel-tools-5.15.90-54.138.amzn2.x86_64
    kernel-tools-devel-5.15.90-54.138.amzn2.x86_64
    kernel-tools-debuginfo-5.15.90-54.138.amzn2.x86_64
    bpftool-5.15.90-54.138.amzn2.x86_64
    bpftool-debuginfo-5.15.90-54.138.amzn2.x86_64
    kernel-devel-5.15.90-54.138.amzn2.x86_64
    kernel-debuginfo-5.15.90-54.138.amzn2.x86_64
    kernel-livepatch-5.15.90-54.138-1.0-0.amzn2.x86_64
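
A check of the running kernel against the fixed build listed under New Packages, added here as an example and not part of the Amazon advisory. It is useful because yum installs the new kernel alongside the old one, and the running kernel changes only after a reboot. The function names are made up for the example, and GNU sort with -V is assumed.

```shell
#!/usr/bin/env bash
# Fixed build, taken from the "New Packages" list in this advisory.
FIXED="5.15.90-54.138"

# Strip the ".amzn2.<arch>" suffix from a `uname -r` style string.
# (Helper names in this script are illustrative, not from the advisory.)
strip_release() {
    printf '%s\n' "${1%%.amzn2*}"
}

# Return 0 if version $1 is strictly older than $2 (GNU sort -V ordering).
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$1" ]
}

# Classify a kernel release string against this advisory.
# Prints "vulnerable", "fixed", or "not-applicable" (not an
# Amazon Linux 2 kernel from the 5.15 line this advisory covers).
check_kernel() {
    local rel="$1" ver
    case "$rel" in
        5.15.*.amzn2*) ;;
        *) echo "not-applicable"; return 0 ;;
    esac
    ver="$(strip_release "$rel")"
    if version_lt "$ver" "$FIXED"; then
        echo "vulnerable"
    else
        echo "fixed"
    fi
}

# Report on the kernel that is actually booted, not the newest one installed.
running="$(uname -r)"
echo "running kernel $running: $(check_kernel "$running")"
```

A host that has the fixed package installed but still reports "vulnerable" here has not yet been rebooted into the new kernel.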