[ALAS-2019-1318] Amazon Linux AMI 2014.03 - ALAS-2019-1318: medium priority package update for microcode_ctl kernel
Severity
Medium
Affected Packages
24
CVEs
2
Package updates are available for Amazon Linux AMI that fix the following vulnerabilities:
CVE-2019-11139:
Improper conditions check in the voltage modulation interface for some Intel Xeon Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
CVE-2019-11139 hw: voltage modulation technical advisory
CVE-2019-11135:
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA)
- ID
- ALAS-2019-1318
- Severity
- medium
- URL
- https://alas.aws.amazon.com/ALAS-2019-1318.html
- Published
-
2019-11-14T20:06:00
(4 years ago) - Modified
-
2019-11-16T03:32:00
(4 years ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
-
ALAS2-2019-1364
-
ALPINE:CVE-2019-11135
-
ALSA-2020:0279
-
ASA-201911-14
-
DSA-4564-1
-
DSA-4565-1
-
DSA-4602-1
-
ELSA-2019-3832
-
ELSA-2019-3834
-
ELSA-2019-3836
-
ELSA-2019-4836
-
ELSA-2019-4837
-
ELSA-2019-4838
-
ELSA-2019-4839
-
ELSA-2019-4850
-
ELSA-2019-4854
-
ELSA-2019-4855
-
ELSA-2019-4867
-
ELSA-2019-4868
-
ELSA-2020-0279
-
ELSA-2020-0366
-
FEDORA-2019-021c968423
-
FEDORA-2019-124a241044
-
FEDORA-2019-1689d3fe07
-
FEDORA-2019-2e12bd3a9a
-
FEDORA-2019-34a75d7e61
-
FEDORA-2019-376ec5c107
-
FEDORA-2019-39e97683e8
-
FEDORA-2019-3d7105bd2a
-
FEDORA-2019-68d7f68507
-
FEDORA-2019-6aad703290
-
FEDORA-2019-7a3fc17778
-
FEDORA-2019-8846a1a5a2
-
FEDORA-2019-91f6e7bb71
-
FEDORA-2019-b737d03b83
-
FEDORA-2019-b86a7bdba0
-
FEDORA-2019-cbb732f760
-
FEDORA-2020-203ffedeb5
-
FEDORA-2020-227a4c0530
-
FEDORA-2020-2a5cdd665c
-
FEDORA-2020-2d9a75fadb
-
FEDORA-2020-3cd64d683c
-
FEDORA-2020-8490989850
-
FEDORA-2020-c2d89d14d0
-
FEDORA-2020-e328697628
-
FEDORA-2020-f884f9dd7d
-
FEDORA-2020-fe00e12580
-
FREEBSD:FBE10A8A-05A1-11EA-9DFA-F8B156AC3FF9
-
GLSA-202003-56
-
MS:CVE-2019-11135
-
openSUSE-SU-2019:2503-1
-
openSUSE-SU-2019:2504-1
-
openSUSE-SU-2019:2505-1
-
openSUSE-SU-2019:2506-1
-
openSUSE-SU-2019:2507-1
-
openSUSE-SU-2019:2509-1
-
openSUSE-SU-2019:2510-1
-
openSUSE-SU-2019:2527-1
-
openSUSE-SU-2019:2528-1
-
openSUSE-SU-2019:2710-1
-
RHSA-2019:3832
-
RHSA-2019:3833
-
RHSA-2019:3834
-
RHSA-2019:3835
-
RHSA-2019:3836
-
RHSA-2019:3936
-
RHSA-2020:0028
-
RHSA-2020:0279
-
RHSA-2020:0366
-
RLSA-2020:0279
-
SSA:2019-320-01
-
SUSE-SU-2019:2946-1
-
SUSE-SU-2019:2947-1
-
SUSE-SU-2019:2948-1
-
SUSE-SU-2019:2949-1
-
SUSE-SU-2019:2950-1
-
SUSE-SU-2019:2951-1
-
SUSE-SU-2019:2952-1
-
SUSE-SU-2019:2953-1
-
SUSE-SU-2019:2954-1
-
SUSE-SU-2019:2955-1
-
SUSE-SU-2019:2956-1
-
SUSE-SU-2019:2957-1
-
SUSE-SU-2019:2958-1
-
SUSE-SU-2019:2959-1
-
SUSE-SU-2019:2960-1
-
SUSE-SU-2019:2961-1
-
SUSE-SU-2019:2962-1
-
SUSE-SU-2019:2984-1
-
SUSE-SU-2019:2986-1
-
SUSE-SU-2019:2987-1
-
SUSE-SU-2019:2988-1
-
SUSE-SU-2019:3091-1
-
SUSE-SU-2019:3200-1
-
SUSE-SU-2019:3294-1
-
SUSE-SU-2019:3295-1
-
SUSE-SU-2019:3297-1
-
SUSE-SU-2019:3340-1
-
SUSE-SU-2019:3348-1
-
SUSE-SU-2020:0093-1
-
SUSE-SU-2020:0334-1
-
SUSE-SU-2020:0388-1
-
USN-4182-1
-
USN-4182-2
-
USN-4183-1
-
USN-4184-1
-
USN-4185-1
-
USN-4185-2
-
USN-4186-1
-
USN-4186-2
-
USN-4187-1
-
USN-4188-1
-
VMSA-2019-0020
-
XSA-305
-
| Source | # ID | Name | URL |
|---|---|---|---|
| CVE | CVE-2019-11135 |
|
|
| CVE | CVE-2019-11139 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
 perf
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf?arch=i686&distro=amazonlinux-1 | amazonlinux |
perf
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
perf-debuginfo
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
perf-debuginfo
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/microcode_ctl?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
microcode_ctl
|
< 2.1-47.36.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/microcode_ctl?arch=i686&distro=amazonlinux-1 | amazonlinux |
microcode_ctl
|
< 2.1-47.36.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/microcode_ctl-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
microcode_ctl-debuginfo
|
< 2.1-47.36.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/microcode_ctl-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
microcode_ctl-debuginfo
|
< 2.1-47.36.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools-devel
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools-devel
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-headers
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-headers
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-devel
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-devel
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo-common-x86_64
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-i686?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo-common-i686
|
< 4.14.152-98.182.amzn1 | amazonlinux-1 | i686 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |