Vulmon
Amazon Linux AMI Security Advisory: ALAS-2019-1232
Advisory Release Date: 2019-07-17 23:18 Pacific
Advisory Updated Date: 2019-09-18 21:19 Pacific
Severity:
Important
Issue Overview:
An infinite loop issue was found in the vhost_net kernel module while handling incoming packets in handle_rx(). The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.(CVE-2019-3900)
A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service (DoS), or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls.(CVE-2019-11599)
Affected Packages:
kernel
Issue Correction:
Run yum update kernel to update your system.
New Packages:
i686:
perf-4.14.133-88.105.amzn1.i686
kernel-debuginfo-4.14.133-88.105.amzn1.i686
kernel-tools-debuginfo-4.14.133-88.105.amzn1.i686
kernel-tools-4.14.133-88.105.amzn1.i686
perf-debuginfo-4.14.133-88.105.amzn1.i686
kernel-headers-4.14.133-88.105.amzn1.i686
kernel-debuginfo-common-i686-4.14.133-88.105.amzn1.i686
kernel-4.14.133-88.105.amzn1.i686
kernel-devel-4.14.133-88.105.amzn1.i686
kernel-tools-devel-4.14.133-88.105.amzn1.i686
src:
kernel-4.14.133-88.105.amzn1.src
x86_64:
kernel-headers-4.14.133-88.105.amzn1.x86_64
kernel-devel-4.14.133-88.105.amzn1.x86_64
perf-4.14.133-88.105.amzn1.x86_64
perf-debuginfo-4.14.133-88.105.amzn1.x86_64
kernel-debuginfo-4.14.133-88.105.amzn1.x86_64
kernel-tools-devel-4.14.133-88.105.amzn1.x86_64
kernel-4.14.133-88.105.amzn1.x86_64
kernel-tools-4.14.133-88.105.amzn1.x86_64
kernel-tools-debuginfo-4.14.133-88.105.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.14.133-88.105.amzn1.x86_64