Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-4135 CVE-2021-4155 CVE-2021-43975 CVE-2022-0185

A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests.A local user could use this flaw to starve the resources resulting in a denial of service. (CVE-2021-28711) A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests.A local user could use this flaw to starve the resources resulting in a denial of service. (CVE-2021-28712) A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests.A local user could use this flaw to starve the resources resulting in a denial of service. (CVE-2021-28713) Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing. (CVE-2021-28714) Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715) A flaw memory leak in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data. (CVE-2021-4135) A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. (CVE-2021-4155) An out-of-bounds write flaw was found in the Linux kernel's Aquantia AQtion Ethernet card Atlantic driver in the way the ethernet card provides malicious input to the driver. This flaw allows a local user to emulate the networking device and crash the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-43975) A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system. (CVE-2022-0185)

Source

ALAS2KERNEL-5.4-2022-021

Amazon Linux 2 Security Advisory: ALASKERNEL-5.4-2022-021
Advisory Release Date: 2022-01-26 00:54 Pacific
Advisory Updated Date: 2022-01-28 17:21 Pacific

Severity: Important

References: CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-4135 CVE-2021-4155 CVE-2021-43975 CVE-2022-0185

Issue Overview:

A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests.
A local user could use this flaw to starve the resources resulting in a denial of service. (CVE-2021-28711)

A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests.
A local user could use this flaw to starve the resources resulting in a denial of service. (CVE-2021-28712)

A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests.
A local user could use this flaw to starve the resources resulting in a denial of service. (CVE-2021-28713)

Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing. (CVE-2021-28714)

Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715)

A flaw memory leak in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data. (CVE-2021-4135)

A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. (CVE-2021-4155)

An out-of-bounds write flaw was found in the Linux kernel's Aquantia AQtion Ethernet card Atlantic driver in the way the ethernet card provides malicious input to the driver. This flaw allows a local user to emulate the networking device and crash the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-43975)

A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system. (CVE-2022-0185)

Affected Packages:

kernel

Issue Correction:
Run yum update kernel to update your system.

New Packages:

aarch64:
    kernel-5.4.172-90.336.amzn2.aarch64
    kernel-headers-5.4.172-90.336.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.4.172-90.336.amzn2.aarch64
    perf-5.4.172-90.336.amzn2.aarch64
    perf-debuginfo-5.4.172-90.336.amzn2.aarch64
    python-perf-5.4.172-90.336.amzn2.aarch64
    python-perf-debuginfo-5.4.172-90.336.amzn2.aarch64
    kernel-tools-5.4.172-90.336.amzn2.aarch64
    kernel-tools-devel-5.4.172-90.336.amzn2.aarch64
    kernel-tools-debuginfo-5.4.172-90.336.amzn2.aarch64
    bpftool-5.4.172-90.336.amzn2.aarch64
    bpftool-debuginfo-5.4.172-90.336.amzn2.aarch64
    kernel-devel-5.4.172-90.336.amzn2.aarch64
    kernel-debuginfo-5.4.172-90.336.amzn2.aarch64

i686:
    kernel-headers-5.4.172-90.336.amzn2.i686

src:
    kernel-5.4.172-90.336.amzn2.src

x86_64:
    kernel-5.4.172-90.336.amzn2.x86_64
    kernel-headers-5.4.172-90.336.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.4.172-90.336.amzn2.x86_64
    perf-5.4.172-90.336.amzn2.x86_64
    perf-debuginfo-5.4.172-90.336.amzn2.x86_64
    python-perf-5.4.172-90.336.amzn2.x86_64
    python-perf-debuginfo-5.4.172-90.336.amzn2.x86_64
    kernel-tools-5.4.172-90.336.amzn2.x86_64
    kernel-tools-devel-5.4.172-90.336.amzn2.x86_64
    kernel-tools-debuginfo-5.4.172-90.336.amzn2.x86_64
    bpftool-5.4.172-90.336.amzn2.x86_64
    bpftool-debuginfo-5.4.172-90.336.amzn2.x86_64
    kernel-devel-5.4.172-90.336.amzn2.x86_64
    kernel-debuginfo-5.4.172-90.336.amzn2.x86_64

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS2KERNEL-5.4-2022-021

ALAS2KERNEL-5.4-2022-021

Vulmon Search

About

Products

Connect