Vulmon
Amazon Linux 2 Security Advisory: ALASKERNEL-5.4-2023-044
Advisory Release Date: 2023-04-27 17:42 Pacific
Advisory Updated Date: 2023-05-01 19:12 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-4744)
A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. (CVE-2023-0590)
An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2023-2124)
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). (CVE-2023-28466)
Affected Packages:
kernel
Issue Correction:
Run yum update kernel to update your system.
aarch64:
kernel-5.4.241-150.347.amzn2.aarch64
kernel-headers-5.4.241-150.347.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.4.241-150.347.amzn2.aarch64
perf-5.4.241-150.347.amzn2.aarch64
perf-debuginfo-5.4.241-150.347.amzn2.aarch64
python-perf-5.4.241-150.347.amzn2.aarch64
python-perf-debuginfo-5.4.241-150.347.amzn2.aarch64
kernel-tools-5.4.241-150.347.amzn2.aarch64
kernel-tools-devel-5.4.241-150.347.amzn2.aarch64
kernel-tools-debuginfo-5.4.241-150.347.amzn2.aarch64
bpftool-5.4.241-150.347.amzn2.aarch64
bpftool-debuginfo-5.4.241-150.347.amzn2.aarch64
kernel-devel-5.4.241-150.347.amzn2.aarch64
kernel-debuginfo-5.4.241-150.347.amzn2.aarch64
i686:
kernel-headers-5.4.241-150.347.amzn2.i686
src:
kernel-5.4.241-150.347.amzn2.src
x86_64:
kernel-5.4.241-150.347.amzn2.x86_64
kernel-headers-5.4.241-150.347.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.4.241-150.347.amzn2.x86_64
perf-5.4.241-150.347.amzn2.x86_64
perf-debuginfo-5.4.241-150.347.amzn2.x86_64
python-perf-5.4.241-150.347.amzn2.x86_64
python-perf-debuginfo-5.4.241-150.347.amzn2.x86_64
kernel-tools-5.4.241-150.347.amzn2.x86_64
kernel-tools-devel-5.4.241-150.347.amzn2.x86_64
kernel-tools-debuginfo-5.4.241-150.347.amzn2.x86_64
bpftool-5.4.241-150.347.amzn2.x86_64
bpftool-debuginfo-5.4.241-150.347.amzn2.x86_64
kernel-devel-5.4.241-150.347.amzn2.x86_64
kernel-debuginfo-5.4.241-150.347.amzn2.x86_64