Amazon Linux AMI Security Advisory: ALAS-2023-1827
Advisory Release Date: 2023-09-13 23:15 Pacific
Advisory Updated Date: 2023-09-25 20:12 Pacific
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.
Incorrect error handling for NFT_MSG_NEWRULE makes it possible to use a dangling pointer within the same transaction, causing a use-after-free. A local attacker with user access can exploit this flaw to escalate privileges.
We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97. (CVE-2023-3390)
Affected Packages:
kernel
Issue Correction:
Run yum update kernel to update your system.
i686:
perf-debuginfo-4.14.322-170.535.amzn1.i686
kernel-devel-4.14.322-170.535.amzn1.i686
kernel-tools-debuginfo-4.14.322-170.535.amzn1.i686
kernel-debuginfo-4.14.322-170.535.amzn1.i686
kernel-tools-devel-4.14.322-170.535.amzn1.i686
kernel-debuginfo-common-i686-4.14.322-170.535.amzn1.i686
perf-4.14.322-170.535.amzn1.i686
kernel-tools-4.14.322-170.535.amzn1.i686
kernel-4.14.322-170.535.amzn1.i686
kernel-headers-4.14.322-170.535.amzn1.i686
src:
kernel-4.14.322-170.535.amzn1.src
x86_64:
kernel-debuginfo-common-x86_64-4.14.322-170.535.amzn1.x86_64
kernel-debuginfo-4.14.322-170.535.amzn1.x86_64
perf-debuginfo-4.14.322-170.535.amzn1.x86_64
kernel-devel-4.14.322-170.535.amzn1.x86_64
perf-4.14.322-170.535.amzn1.x86_64
kernel-4.14.322-170.535.amzn1.x86_64
kernel-headers-4.14.322-170.535.amzn1.x86_64
kernel-tools-4.14.322-170.535.amzn1.x86_64
kernel-tools-devel-4.14.322-170.535.amzn1.x86_64
kernel-tools-debuginfo-4.14.322-170.535.amzn1.x86_64
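
To confirm that a host is actually running the corrected build after the update, the check below compares kernel versions against 4.14.322-170.535.amzn1 from the package list above. It is an added example, not part of the original advisory; the function names (ver_ge, kernel_status, report) are made up for this example, and the field-by-field integer comparison is a simplification that is assumed to be sufficient for the numeric version-release strings used here, not rpm's own comparison routine.

```shell
#!/bin/sh
# Fixed kernel build, taken from this advisory's package list.
FIXED_BUILD="4.14.322-170.535.amzn1"

# ver_ge A B: succeed when A >= B, comparing the '.'/'-' separated
# fields one by one as integers (so 4.9 sorts below 4.14).
ver_ge() (
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%[.-]*} y=${b%%[.-]*}
        [ "${x:-0}" -gt "${y:-0}" ] && exit 0
        [ "${x:-0}" -lt "${y:-0}" ] && exit 1
        case "$a" in *[.-]*) a=${a#*[.-]} ;; *) a= ;; esac
        case "$b" in *[.-]*) b=${b#*[.-]} ;; *) b= ;; esac
    done
    exit 0
)

# kernel_status VERSION: VERSION as printed by `uname -r` or `rpm -q kernel`.
# Exit status: 0 = at or above the fixed build, 1 = older (update needed),
#              2 = not an amzn1 kernel build, this advisory does not apply.
kernel_status() (
    v=${1#kernel-}
    v=${v%.x86_64}; v=${v%.i686}
    case "$v" in *.amzn1) v=${v%.amzn1} ;; *) exit 2 ;; esac
    case "$v" in ''|*[!0-9.-]*) exit 2 ;; esac
    ver_ge "$v" "${FIXED_BUILD%.amzn1}"
)

report() {
    rc=0; kernel_status "$2" || rc=$?
    case $rc in
        0) echo "$1 $2: fixed build or later" ;;
        1) echo "$1 $2: older than $FIXED_BUILD, update and reboot" ;;
        *) echo "$1 $2: not an amzn1 kernel, advisory does not apply" ;;
    esac
}

# The running kernel is what matters; an installed fixed package only
# takes effect after a reboot, so both are reported.
report running "$(uname -r)"
if command -v rpm >/dev/null 2>&1; then
    rpm -q kernel 2>/dev/null | grep '^kernel-[0-9]' |
        while read -r k; do report installed "$k"; done
fi
```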