ALAS2KERNEL-5.4-2022-005

Related Vulnerabilities: CVE-2021-33909  


Amazon Linux 2 Security Advisory: ALASKERNEL-5.4-2022-005
Advisory Release Date: 2022-01-12 19:30 Pacific
Advisory Updated Date: 2022-01-28 17:23 Pacific
Severity: Important
References: CVE-2021-33909 

Issue Overview:

An out-of-bounds write flaw was found in the Linux kernel's seq_file in the Filesystem layer. This flaw allows a local attacker with user privileges to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The issue results from not validating the size_t-to-int conversion prior to performing operations. The highest threat from this vulnerability is to data integrity, confidentiality and system availability. (CVE-2021-33909)


Affected Packages:

kernel


Issue Correction:
Run yum update kernel to update your system.

New Packages:
aarch64:
    kernel-5.4.129-63.229.amzn2.aarch64
    kernel-headers-5.4.129-63.229.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.4.129-63.229.amzn2.aarch64
    perf-5.4.129-63.229.amzn2.aarch64
    perf-debuginfo-5.4.129-63.229.amzn2.aarch64
    python-perf-5.4.129-63.229.amzn2.aarch64
    python-perf-debuginfo-5.4.129-63.229.amzn2.aarch64
    kernel-tools-5.4.129-63.229.amzn2.aarch64
    kernel-tools-devel-5.4.129-63.229.amzn2.aarch64
    kernel-tools-debuginfo-5.4.129-63.229.amzn2.aarch64
    bpftool-5.4.129-63.229.amzn2.aarch64
    bpftool-debuginfo-5.4.129-63.229.amzn2.aarch64
    kernel-devel-5.4.129-63.229.amzn2.aarch64
    kernel-debuginfo-5.4.129-63.229.amzn2.aarch64

i686:
    kernel-headers-5.4.129-63.229.amzn2.i686

src:
    kernel-5.4.129-63.229.amzn2.src

x86_64:
    kernel-5.4.129-63.229.amzn2.x86_64
    kernel-headers-5.4.129-63.229.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.4.129-63.229.amzn2.x86_64
    perf-5.4.129-63.229.amzn2.x86_64
    perf-debuginfo-5.4.129-63.229.amzn2.x86_64
    python-perf-5.4.129-63.229.amzn2.x86_64
    python-perf-debuginfo-5.4.129-63.229.amzn2.x86_64
    kernel-tools-5.4.129-63.229.amzn2.x86_64
    kernel-tools-devel-5.4.129-63.229.amzn2.x86_64
    kernel-tools-debuginfo-5.4.129-63.229.amzn2.x86_64
    bpftool-5.4.129-63.229.amzn2.x86_64
    bpftool-debuginfo-5.4.129-63.229.amzn2.x86_64
    kernel-devel-5.4.129-63.229.amzn2.x86_64
    kernel-debuginfo-5.4.129-63.229.amzn2.x86_64
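
To confirm that a host has picked up the correction, the following added example (not part of the advisory) compares a kernel release string against the fixed build 5.4.129-63.229.amzn2 listed above and separates hosts that still need the update from hosts that have it installed but have not rebooted. The function names and status words are assumptions made for illustration, and sort -V is used as an approximation of RPM version ordering.

```shell
#!/bin/sh
# Added example, not part of the advisory.
# FIXED is the version-release of the corrected kernel from "New Packages".
FIXED="5.4.129-63.229"

# classify_release RELEASE -> fixed | needs-update | not-applicable
# RELEASE is a string as printed by `uname -r`, or an NVRA from
# `rpm -q kernel` with the leading "kernel-" removed.
classify_release() {
    case $1 in
        5.4.*.amzn2*) ;;                  # Amazon Linux 2 kernel-5.4 stream only
        *) echo "not-applicable"; return 0 ;;
    esac
    vr=${1%%.amzn2*}                      # e.g. 5.4.129-63.229
    # sort -V (GNU coreutils) orders the numeric fields; lowest comes first.
    lowest=$(printf '%s\n%s\n' "$vr" "$FIXED" | sort -V | head -n 1)
    if [ "$lowest" = "$FIXED" ]; then
        echo "fixed"
    else
        echo "needs-update"
    fi
}

# host_status RUNNING INSTALLED
#   -> ok | reboot-needed | update-needed | not-applicable
# RUNNING is the output of `uname -r`; INSTALLED is the newline-separated
# output of `rpm -q kernel`.
host_status() {
    running=$(classify_release "$1")
    if [ "$running" = "fixed" ]; then echo "ok"; return 0; fi
    if [ "$running" = "not-applicable" ]; then echo "not-applicable"; return 0; fi
    for pkg in $2; do                     # unquoted on purpose: one word per package
        if [ "$(classify_release "${pkg#kernel-}")" = "fixed" ]; then
            echo "reboot-needed"          # fixed kernel on disk, old one running
            return 0
        fi
    done
    echo "update-needed"
}

# On a live host:
#   host_status "$(uname -r)" "$(rpm -q kernel)"
```

A host reports reboot-needed until it boots into the updated kernel, because uname -r describes the running kernel rather than the newest installed package.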