ALAS2KERNEL-5.4-2022-037

Related Vulnerabilities: CVE-2022-23816, CVE-2022-2602, CVE-2022-29900, CVE-2022-29901, CVE-2022-3303, CVE-2022-39842



Amazon Linux 2 Security Advisory: ALASKERNEL-5.4-2022-037
Advisory Release Date: 2022-10-17 22:06 Pacific
Advisory Updated Date: 2022-10-25 16:25 Pacific
Severity: Medium

Issue Overview:

A flaw was found in hardware. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-23816)

A use-after-free flaw was found in the Linux kernel's Unix socket Garbage Collection and io_uring. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2602)

A flaw was found in hardware. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-29900)

A flaw was found in hardware. Non-transparent sharing of branch predictor targets between contexts in some Intel(R) processors may potentially allow an authorized user to enable information disclosure via local access. (CVE-2022-29901)

A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition. (CVE-2022-3303)

An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. (CVE-2022-39842)
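
The size_t-versus-int conflict described for CVE-2022-39842, modelled in user space as an added example; this is not the kernel driver's code, and the function names and the BATCH_WORDS_LIMIT value are constructed for illustration. It assumes a 64-bit size_t and the wrap-around narrowing conversion that GCC and Clang use, and it only computes the length that would reach the copy; no copy is performed.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed limit for this sketch; stands in for the driver's size bound. */
#define BATCH_WORDS_LIMIT 2048

_Static_assert(sizeof(size_t) == 8, "example assumes 64-bit size_t");

/* Returns the byte length that would be handed to the copy routine,
 * or 0 when the size check rejects the request.
 * Flawed shape: the word count is narrowed from size_t to int before the check. */
size_t copy_len_int_words(size_t count)
{
    int words = (int)(count / 4);    /* word counts above INT_MAX become negative */
    if (words >= BATCH_WORDS_LIMIT)  /* signed compare: a negative value passes */
        return 0;
    return (size_t)words * 4;        /* back to unsigned: a huge copy length */
}

/* Corrected shape: the word count keeps the type of the count parameter. */
size_t copy_len_size_t_words(size_t count)
{
    size_t words = count / 4;
    if (words >= BATCH_WORDS_LIMIT)  /* unsigned compare: oversized requests fail */
        return 0;
    return words * 4;
}

int main(void)
{
    /* Constructed inputs: an ordinary request, then one whose word count
     * is INT_MAX + 1 and so does not fit in an int. */
    size_t samples[] = { 4096, (size_t)INT_MAX * 4 + 4 };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("count=%zu  int words -> %zu  size_t words -> %zu\n",
               samples[i],
               copy_len_int_words(samples[i]),
               copy_len_size_t_words(samples[i]));
    return 0;
}
```

With the int word count, the oversized request passes the check and yields a length far larger than any buffer bounded by the limit; with the size_t word count the same request is rejected.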


Affected Packages:

kernel


Issue Correction:
Run yum update kernel to update your system.

New Packages:
aarch64:
    kernel-5.4.217-126.408.amzn2.aarch64
    kernel-headers-5.4.217-126.408.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.4.217-126.408.amzn2.aarch64
    perf-5.4.217-126.408.amzn2.aarch64
    perf-debuginfo-5.4.217-126.408.amzn2.aarch64
    python-perf-5.4.217-126.408.amzn2.aarch64
    python-perf-debuginfo-5.4.217-126.408.amzn2.aarch64
    kernel-tools-5.4.217-126.408.amzn2.aarch64
    kernel-tools-devel-5.4.217-126.408.amzn2.aarch64
    kernel-tools-debuginfo-5.4.217-126.408.amzn2.aarch64
    bpftool-5.4.217-126.408.amzn2.aarch64
    bpftool-debuginfo-5.4.217-126.408.amzn2.aarch64
    kernel-devel-5.4.217-126.408.amzn2.aarch64
    kernel-debuginfo-5.4.217-126.408.amzn2.aarch64

i686:
    kernel-headers-5.4.217-126.408.amzn2.i686

src:
    kernel-5.4.217-126.408.amzn2.src

x86_64:
    kernel-5.4.217-126.408.amzn2.x86_64
    kernel-headers-5.4.217-126.408.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.4.217-126.408.amzn2.x86_64
    perf-5.4.217-126.408.amzn2.x86_64
    perf-debuginfo-5.4.217-126.408.amzn2.x86_64
    python-perf-5.4.217-126.408.amzn2.x86_64
    python-perf-debuginfo-5.4.217-126.408.amzn2.x86_64
    kernel-tools-5.4.217-126.408.amzn2.x86_64
    kernel-tools-devel-5.4.217-126.408.amzn2.x86_64
    kernel-tools-debuginfo-5.4.217-126.408.amzn2.x86_64
    bpftool-5.4.217-126.408.amzn2.x86_64
    bpftool-debuginfo-5.4.217-126.408.amzn2.x86_64
    kernel-devel-5.4.217-126.408.amzn2.x86_64
    kernel-debuginfo-5.4.217-126.408.amzn2.x86_64