[ALAS-2019-1253] Amazon Linux AMI 2014.03 - ALAS-2019-1253: medium priority package update for kernel
Severity
Medium
Affected Packages
20
CVEs
1
Package updates are available for Amazon Linux AMI that fix the following vulnerabilities:
CVE-2019-1125:
A Spectre gadget was found in the Linux kernel's implementation of system interrupts. An attacker with local access could use this information to reveal private data through a Spectre like side channel.
1724389:
CVE-2019-1125 kernel: hw: Spectre SWAPGS gadget vulnerability
- ID
- ALAS-2019-1253
- Severity
- medium
- URL
- https://alas.aws.amazon.com/ALAS-2019-1253.html
- Published
-
2019-08-05T17:40:00
(5 years ago) - Modified
-
2019-08-12T18:10:00
(5 years ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
-
ALAS2-2019-1253
-
DSA-4495-1
-
DSA-4497-1
-
ELSA-2019-2411
-
ELSA-2019-2473
-
ELSA-2019-2600
-
ELSA-2019-4733
-
ELSA-2019-4735
-
ELSA-2019-4746
-
ELSA-2019-4775
-
ELSA-2019-4777
-
FEDORA-2019-6bda4c81f4
-
FEDORA-2019-e37c348348
-
MS:CVE-2019-1125
-
openSUSE-SU-2019:1923-1
-
openSUSE-SU-2019:1924-1
-
RHSA-2019:2405
-
RHSA-2019:2411
-
RHSA-2019:2473
-
RHSA-2019:2600
-
RHSA-2019:2609
-
SSA:2019-226-01
-
SUSE-SU-2019:2068-1
-
SUSE-SU-2019:2069-1
-
SUSE-SU-2019:2070-1
-
SUSE-SU-2019:2071-1
-
SUSE-SU-2019:2072-1
-
SUSE-SU-2019:2073-1
-
SUSE-SU-2019:2262-1
-
SUSE-SU-2019:2263-1
-
SUSE-SU-2019:2299-1
-
SUSE-SU-2019:2430-1
-
SUSE-SU-2019:2450-1
-
USN-4093-1
-
USN-4094-1
-
USN-4095-1
-
USN-4095-2
-
USN-4096-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| CVE | CVE-2019-1125 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
 perf
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf?arch=i686&distro=amazonlinux-1 | amazonlinux |
perf
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
perf-debuginfo
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
perf-debuginfo
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools-devel
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools-devel
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-headers
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-headers
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-devel
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-devel
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo-common-x86_64
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-i686?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo-common-i686
|
< 4.14.133-88.112.amzn1 | amazonlinux-1 | i686 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |