Vulmon
Amazon Linux 2 Security Advisory: ALASKERNEL-5.4-2022-026
Advisory Release Date: 2022-06-04 00:07 Pacific
Advisory Updated Date: 2022-06-09 19:17 Pacific
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)
A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)
perf: Fix sys_perf_event_open() race against self (CVE-2022-1729)
floppy: disable FDRAWCMD by default (CVE-2022-1836)
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. (CVE-2022-28893)
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. (CVE-2022-29581)
Affected Packages:
kernel
Issue Correction:
Run yum update kernel to update your system.
aarch64:
kernel-5.4.196-108.356.amzn2.aarch64
kernel-headers-5.4.196-108.356.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.4.196-108.356.amzn2.aarch64
perf-5.4.196-108.356.amzn2.aarch64
perf-debuginfo-5.4.196-108.356.amzn2.aarch64
python-perf-5.4.196-108.356.amzn2.aarch64
python-perf-debuginfo-5.4.196-108.356.amzn2.aarch64
kernel-tools-5.4.196-108.356.amzn2.aarch64
kernel-tools-devel-5.4.196-108.356.amzn2.aarch64
kernel-tools-debuginfo-5.4.196-108.356.amzn2.aarch64
bpftool-5.4.196-108.356.amzn2.aarch64
bpftool-debuginfo-5.4.196-108.356.amzn2.aarch64
kernel-devel-5.4.196-108.356.amzn2.aarch64
kernel-debuginfo-5.4.196-108.356.amzn2.aarch64
i686:
kernel-headers-5.4.196-108.356.amzn2.i686
src:
kernel-5.4.196-108.356.amzn2.src
x86_64:
kernel-5.4.196-108.356.amzn2.x86_64
kernel-headers-5.4.196-108.356.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.4.196-108.356.amzn2.x86_64
perf-5.4.196-108.356.amzn2.x86_64
perf-debuginfo-5.4.196-108.356.amzn2.x86_64
python-perf-5.4.196-108.356.amzn2.x86_64
python-perf-debuginfo-5.4.196-108.356.amzn2.x86_64
kernel-tools-5.4.196-108.356.amzn2.x86_64
kernel-tools-devel-5.4.196-108.356.amzn2.x86_64
kernel-tools-debuginfo-5.4.196-108.356.amzn2.x86_64
bpftool-5.4.196-108.356.amzn2.x86_64
bpftool-debuginfo-5.4.196-108.356.amzn2.x86_64
kernel-devel-5.4.196-108.356.amzn2.x86_64
kernel-debuginfo-5.4.196-108.356.amzn2.x86_64