Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2019-19448 CVE-2019-19770 CVE-2020-12888 CVE-2020-14314 CVE-2020-14385 CVE-2020-14390 CVE-2020-25212 CVE-2020-25284 CVE-2020-25285 CVE-2020-25641

A flaw was found in the Linux kernel's implementation of BTRFS free space management, where the kernel does not correctly manage the lifetime of internal data structures used. An attacker could use this flaw to corrupt memory or escalate privileges. (CVE-2019-19448) A use-after-free flaw was found in the debugfs_remove function in the Linux kernel. The flaw could allow a local attacker with special user (or root) privilege to crash the system at the time of file or directory removal. This vulnerability can lead to a kernel information leak. The highest threat from this vulnerability is to system availability. (CVE-2019-19770) A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the read/write devices' MMIO address space when it is disabled, some h/w devices issue an interrupt to the CPU to indicate a fatal error condition, crashing the system. This flaw allows a guest user or process to crash the host system resulting in a denial of service. (CVE-2020-12888) A memory out-of-bounds read flaw was found in the Linux kernel's ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability. (CVE-2020-14314) A flaw was found in the Linux kernel. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, or otherwise rendered inaccessible until it is remounted, leading to a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-14385) A flaw was found in the Linux kernel. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. (CVE-2020-14390) A flaw was found in the NFSv4 implementation where when mounting a remote attacker controlled server it could return specially crafted response allow for local memory corruption and possibly privilege escalation. (CVE-2020-25212) A flaw was found in the capabilities check of the rados block device functionality in the Linux kernel. Incorrect capability checks could alllow a local user with root priviledges (but no capabilities) to add or remove Rados Block Devices from the system. (CVE-2020-25284) A flaw was found in the Linux kernels sysctl handling code for hugepages management. When multiple root level processes would write to modify the /proc/sys/vm/nr_hugepages file it could create a race on internal variables leading to a system crash or memory corruption. (CVE-2020-25285) A flaw was found in the Linux kernel's implementation of biovecs. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-25641)

Source

ALAS2KERNEL-5.4-2022-016

Amazon Linux 2 Security Advisory: ALASKERNEL-5.4-2022-016
Advisory Release Date: 2022-01-20 19:31 Pacific
Advisory Updated Date: 2022-01-28 17:22 Pacific

Severity: Important

References: CVE-2019-19448 CVE-2019-19770 CVE-2020-12888 CVE-2020-14314 CVE-2020-14385 CVE-2020-14390 CVE-2020-25212 CVE-2020-25284 CVE-2020-25285 CVE-2020-25641

Issue Overview:

A flaw was found in the Linux kernel's implementation of BTRFS free space management, where the kernel does not correctly manage the lifetime of internal data structures used. An attacker could use this flaw to corrupt memory or escalate privileges. (CVE-2019-19448)

A use-after-free flaw was found in the debugfs_remove function in the Linux kernel. The flaw could allow a local attacker with special user (or root) privilege to crash the system at the time of file or directory removal. This vulnerability can lead to a kernel information leak. The highest threat from this vulnerability is to system availability. (CVE-2019-19770)

A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the read/write devices' MMIO address space when it is disabled, some h/w devices issue an interrupt to the CPU to indicate a fatal error condition, crashing the system. This flaw allows a guest user or process to crash the host system resulting in a denial of service. (CVE-2020-12888)

A memory out-of-bounds read flaw was found in the Linux kernel's ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability. (CVE-2020-14314)

A flaw was found in the Linux kernel. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, or otherwise rendered inaccessible until it is remounted, leading to a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-14385)

A flaw was found in the Linux kernel. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. (CVE-2020-14390)

A flaw was found in the NFSv4 implementation where when mounting a remote attacker controlled server it could return specially crafted response allow for local memory corruption and possibly privilege escalation. (CVE-2020-25212)

A flaw was found in the capabilities check of the rados block device functionality in the Linux kernel. Incorrect capability checks could alllow a local user with root priviledges (but no capabilities) to add or remove Rados Block Devices from the system. (CVE-2020-25284)

A flaw was found in the Linux kernels sysctl handling code for hugepages management. When multiple root level processes would write to modify the /proc/sys/vm/nr_hugepages file it could create a race on internal variables leading to a system crash or memory corruption. (CVE-2020-25285)

A flaw was found in the Linux kernel's implementation of biovecs. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-25641)

Affected Packages:

kernel

Issue Correction:
Run yum update kernel to update your system.

New Packages:

aarch64:
    kernel-5.4.68-34.125.amzn2.aarch64
    kernel-headers-5.4.68-34.125.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.4.68-34.125.amzn2.aarch64
    perf-5.4.68-34.125.amzn2.aarch64
    perf-debuginfo-5.4.68-34.125.amzn2.aarch64
    python-perf-5.4.68-34.125.amzn2.aarch64
    python-perf-debuginfo-5.4.68-34.125.amzn2.aarch64
    kernel-tools-5.4.68-34.125.amzn2.aarch64
    kernel-tools-devel-5.4.68-34.125.amzn2.aarch64
    kernel-tools-debuginfo-5.4.68-34.125.amzn2.aarch64
    kernel-devel-5.4.68-34.125.amzn2.aarch64
    kernel-debuginfo-5.4.68-34.125.amzn2.aarch64

i686:
    kernel-headers-5.4.68-34.125.amzn2.i686

src:
    kernel-5.4.68-34.125.amzn2.src

x86_64:
    kernel-5.4.68-34.125.amzn2.x86_64
    kernel-headers-5.4.68-34.125.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.4.68-34.125.amzn2.x86_64
    perf-5.4.68-34.125.amzn2.x86_64
    perf-debuginfo-5.4.68-34.125.amzn2.x86_64
    python-perf-5.4.68-34.125.amzn2.x86_64
    python-perf-debuginfo-5.4.68-34.125.amzn2.x86_64
    kernel-tools-5.4.68-34.125.amzn2.x86_64
    kernel-tools-devel-5.4.68-34.125.amzn2.x86_64
    kernel-tools-debuginfo-5.4.68-34.125.amzn2.x86_64
    kernel-devel-5.4.68-34.125.amzn2.x86_64
    kernel-debuginfo-5.4.68-34.125.amzn2.x86_64

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS2KERNEL-5.4-2022-016

ALAS2KERNEL-5.4-2022-016

Vulmon Search

About

Products

Connect