[ALAS-2020-1338] Amazon Linux AMI 2014.03 - ALAS-2020-1338: important priority package update for kernel
Severity
Important
Affected Packages
20
CVEs
3
Package updates are available for Amazon Linux AMI that fix the following vulnerabilities:
CVE-2019-19332:
An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.
1779594: CVE-2019-19332 Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid
CVE-2019-19062:
A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.
1775021: CVE-2019-19062 kernel: A memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for a DoS
- ID
- ALAS-2020-1338
- Severity
- important
- URL
- https://alas.aws.amazon.com/ALAS-2020-1338.html
- Published
-
2020-02-04T22:39:00
(4 years ago) - Modified
-
2020-02-07T17:57:00
(4 years ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
-
ALAS2-2020-1392
-
ALSA-2020:4431
-
ELSA-2020-4060
-
ELSA-2020-5528
-
ELSA-2020-5533
-
ELSA-2020-5535
-
ELSA-2020-5676
-
ELSA-2020-5802
-
ELSA-2020-5804
-
ELSA-2020-5837
-
ELSA-2020-5866
-
ELSA-2020-5879
-
FEDORA-2019-021c968423
-
FEDORA-2019-124a241044
-
FEDORA-2019-34a75d7e61
-
FEDORA-2019-39e97683e8
-
FEDORA-2019-8846a1a5a2
-
FEDORA-2019-91f6e7bb71
-
FEDORA-2019-b86a7bdba0
-
FEDORA-2020-203ffedeb5
-
FEDORA-2020-227a4c0530
-
FEDORA-2020-2a5cdd665c
-
FEDORA-2020-3cd64d683c
-
FEDORA-2020-c2d89d14d0
-
FEDORA-2020-e328697628
-
FEDORA-2020-f884f9dd7d
-
FEDORA-2020-fe00e12580
-
openSUSE-SU-2019:2675-1
-
openSUSE-SU-2020:0336-1
-
RHSA-2020:4060
-
RHSA-2020:4062
-
RHSA-2020:4431
-
RHSA-2020:4609
-
SSA:2020-008-01
-
SSA:2020-086-01
-
SUSE-SU-2019:3200-1
-
SUSE-SU-2019:3289-1
-
SUSE-SU-2019:3316-1
-
SUSE-SU-2019:3317-1
-
SUSE-SU-2019:3371-1
-
SUSE-SU-2019:3372-1
-
SUSE-SU-2019:3379-1
-
SUSE-SU-2019:3381-1
-
SUSE-SU-2019:3389-1
-
SUSE-SU-2020:0093-1
-
SUSE-SU-2020:0511-1
-
SUSE-SU-2020:0558-1
-
SUSE-SU-2020:0559-1
-
SUSE-SU-2020:0560-1
-
SUSE-SU-2020:0580-1
-
SUSE-SU-2020:0584-1
-
SUSE-SU-2020:0599-1
-
SUSE-SU-2020:0605-1
-
SUSE-SU-2020:0613-1
-
SUSE-SU-2020:1255-1
-
SUSE-SU-2020:1275-1
-
SUSE-SU-2020:1663-1
-
USN-4254-1
-
USN-4254-2
-
USN-4258-1
-
USN-4284-1
-
USN-4285-1
-
USN-4286-1
-
USN-4286-2
-
USN-4287-1
-
USN-4287-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| CVE | CVE-2019-19062 |
|
|
| CVE | CVE-2019-19332 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
 perf
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf?arch=i686&distro=amazonlinux-1 | amazonlinux |
perf
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
perf-debuginfo
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
perf-debuginfo
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools-devel
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools-devel
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-headers
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-headers
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-devel
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-devel
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo-common-x86_64
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-i686?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo-common-i686
|
< 4.14.165-102.185.amzn1 | amazonlinux-1 | i686 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |