[ALAS-2022-1645] Amazon Linux AMI 2014.03 - ALAS-2022-1645: important priority package update for kernel

Severity Important

Affected Packages 20

CVEs 17

Package updates are available for Amazon Linux AMI that fix the following vulnerabilities:
CVE-2022-43750:
drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.

CVE-2022-41850:
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.

CVE-2022-41849:
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.

CVE-2022-40768:
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.

CVE-2022-39842:
An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur.

CVE-2022-3649:
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.

CVE-2022-3646:
A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.

CVE-2022-3621:
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.

CVE-2022-3594:
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.

CVE-2022-3565:
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.

CVE-2022-3564:
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.

CVE-2022-3542:
A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function bnx2x_tpa_stop of the file drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211042 is the identifier assigned to this vulnerability.

CVE-2022-2978:
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

CVE-2022-26373:
A flaw was found in hw. In certain processors with Intel's Enhanced Indirect Branch Restricted Speculation (eIBRS) capabilities, soon after VM exit or IBPB command event, the linear address following the most recent near CALL instruction prior to a VM exit may be used as the Return Stack Buffer (RSB) prediction.

CVE-2022-20369:
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel

Package	Affected Version
pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/perf?arch=i686&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/perf-debuginfo?arch=i686&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel?arch=i686&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-tools?arch=i686&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-tools-devel?arch=i686&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=i686&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-devel?arch=i686&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-debuginfo?arch=i686&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-1	< 4.14.299-152.520.amzn1
pkg:rpm/amazonlinux/kernel-debuginfo-common-i686?arch=i686&distro=amazonlinux-1	< 4.14.299-152.520.amzn1

ID

ALAS-2022-1645

Severity

important

URL

https://alas.aws.amazon.com/ALAS-2022-1645.html

Published

2022-12-01T17:33:00
(21 months ago)

Modified

2022-12-10T00:45:00
(21 months ago)

Rights

Amazon Linux Security Team

Other Advisories

Source	# ID	URL
CVE	CVE-2022-20369	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20369
CVE	CVE-2022-26373	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26373
CVE	CVE-2022-2978	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2978
CVE	CVE-2022-3542	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3542
CVE	CVE-2022-3564	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3564
CVE	CVE-2022-3565	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3565
CVE	CVE-2022-3594	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3594
CVE	CVE-2022-3621	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3621
CVE	CVE-2022-3646	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3646
CVE	CVE-2022-3649	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3649
CVE	CVE-2022-39842	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39842
CVE	CVE-2022-40768	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40768
CVE	CVE-2022-41849	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41849
CVE	CVE-2022-41850	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41850
CVE	CVE-2022-43750	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43750

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-1	amazonlinux	perf	< 4.14.299-152.520.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/perf?arch=i686&distro=amazonlinux-1	amazonlinux	perf	< 4.14.299-152.520.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-1	amazonlinux	perf-debuginfo	< 4.14.299-152.520.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/perf-debuginfo?arch=i686&distro=amazonlinux-1	amazonlinux	perf-debuginfo	< 4.14.299-152.520.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel	< 4.14.299-152.520.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel?arch=i686&distro=amazonlinux-1	amazonlinux	kernel	< 4.14.299-152.520.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-tools	< 4.14.299-152.520.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-tools?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-tools	< 4.14.299-152.520.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-tools-devel	< 4.14.299-152.520.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-tools-devel?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-tools-devel	< 4.14.299-152.520.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-tools-debuginfo	< 4.14.299-152.520.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-tools-debuginfo	< 4.14.299-152.520.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-headers	< 4.14.299-152.520.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-headers	< 4.14.299-152.520.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-devel	< 4.14.299-152.520.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-devel?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-devel	< 4.14.299-152.520.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-debuginfo	< 4.14.299-152.520.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-debuginfo?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-debuginfo	< 4.14.299-152.520.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-debuginfo-common-x86_64	< 4.14.299-152.520.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-debuginfo-common-i686?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-debuginfo-common-i686	< 4.14.299-152.520.amzn1	amazonlinux-1	i686

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date