[ALAS-2022-1581] Amazon Linux AMI 2014.03 - ALAS-2022-1581: important priority package update for kernel
Severity
Important
Affected Packages
20
CVEs
3
Package updates are available for Amazon Linux AMI that fix the following vulnerabilities:
CVE-2022-28356:
In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.
CVE-2022-27666:
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
CVE-2022-26490:
A buffer overflow flaw was found in the Linux kernel's NFC protocol functionality. This flaw allows a local user to crash or escalate their privileges on the system.
- ID
- ALAS-2022-1581
- Severity
- important
- URL
- https://alas.aws.amazon.com/ALAS-2022-1581.html
- Published
-
2022-04-18T19:46:00
(2 years ago) - Modified
-
2022-04-19T18:47:00
(2 years ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
-
ALAS2-2022-1774
-
ALSA-2022:5249
-
ALSA-2022:5316
-
DSA-5127-1
-
DSA-5173-1
-
ELSA-2022-5249
-
ELSA-2022-5316
-
ELSA-2022-9365
-
ELSA-2022-9366
-
ELSA-2022-9367
-
ELSA-2022-9368
-
FEDORA-2022-9342e59a98
-
FEDORA-2022-de4474b89d
-
MS:CVE-2022-26490
-
MS:CVE-2022-27666
-
MS:CVE-2022-28356
-
openSUSE-SU-2022:1037-1
-
openSUSE-SU-2022:1039-1
-
RHSA-2022:5214
-
RHSA-2022:5219
-
RHSA-2022:5249
-
RHSA-2022:5267
-
RHSA-2022:5316
-
RHSA-2022:5344
-
RLSA-2022:5316
-
SSA:2022-129-01
-
SUSE-SU-2022:1037-1
-
SUSE-SU-2022:1038-1
-
SUSE-SU-2022:1039-1
-
SUSE-SU-2022:1163-1
-
SUSE-SU-2022:1172-1
-
SUSE-SU-2022:1182-1
-
SUSE-SU-2022:1183-1
-
SUSE-SU-2022:1189-1
-
SUSE-SU-2022:1192-1
-
SUSE-SU-2022:1193-1
-
SUSE-SU-2022:1194-1
-
SUSE-SU-2022:1196-1
-
SUSE-SU-2022:1197-1
-
SUSE-SU-2022:1212-1
-
SUSE-SU-2022:1215-1
-
SUSE-SU-2022:1223-1
-
SUSE-SU-2022:1224-1
-
SUSE-SU-2022:1230-1
-
SUSE-SU-2022:1242-1
-
SUSE-SU-2022:1246-1
-
SUSE-SU-2022:1248-1
-
SUSE-SU-2022:1255-1
-
SUSE-SU-2022:1256-1
-
SUSE-SU-2022:1257-1
-
SUSE-SU-2022:1261-1
-
SUSE-SU-2022:1266-1
-
SUSE-SU-2022:1267-1
-
SUSE-SU-2022:1268-1
-
SUSE-SU-2022:1269-1
-
SUSE-SU-2022:1270-1
-
SUSE-SU-2022:1278-1
-
SUSE-SU-2022:1283-1
-
SUSE-SU-2022:1303-1
-
SUSE-SU-2022:1402-1
-
SUSE-SU-2022:1407-1
-
SUSE-SU-2022:1668-1
-
SUSE-SU-2022:1669-1
-
SUSE-SU-2022:1676-1
-
SUSE-SU-2022:1686-1
-
SUSE-SU-2022:1687-1
-
SUSE-SU-2022:2520-1
-
SUSE-SU-2022:2615-1
-
SUSE-SU-2022:2699-1
-
SUSE-SU-2022:2700-1
-
SUSE-SU-2022:2709-1
-
SUSE-SU-2022:2726-1
-
SUSE-SU-2022:2728-1
-
SUSE-SU-2022:2738-1
-
SUSE-SU-2022:2745-1
-
SUSE-SU-2022:2766-1
-
SUSE-SU-2022:2770-1
-
SUSE-SU-2022:2776-1
-
SUSE-SU-2022:2780-1
-
SUSE-SU-2022:2783-1
-
SUSE-SU-2022:2789-1
-
SUSE-SU-2022:2854-1
-
SUSE-SU-2022:3288-1
-
SUSE-SU-2022:3293-1
-
SUSE-SU-2022:4617-1
-
SUSE-SU-2023:0416-1
-
USN-5353-1
-
USN-5357-1
-
USN-5357-2
-
USN-5358-1
-
USN-5358-2
-
USN-5368-1
-
USN-5377-1
-
USN-5381-1
-
USN-5390-1
-
USN-5390-2
-
USN-5413-1
-
USN-5415-1
-
USN-5417-1
-
USN-5418-1
-
USN-5466-1
-
USN-5467-1
-
USN-5469-1
-
USN-5500-1
-
USN-5505-1
-
USN-5513-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| CVE | CVE-2022-26490 |
|
|
| CVE | CVE-2022-27666 |
|
|
| CVE | CVE-2022-28356 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
 perf
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf?arch=i686&distro=amazonlinux-1 | amazonlinux |
perf
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
perf-debuginfo
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
perf-debuginfo
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools-devel
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools-devel
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-headers
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-headers
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-devel
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-devel
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo-common-x86_64
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-i686?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo-common-i686
|
< 4.14.275-142.503.amzn1 | amazonlinux-1 | i686 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |