[ALAS-2023-1701] Amazon Linux AMI 2014.03 - ALAS-2023-1701: important priority package update for kernel

Severity Important

Affected Packages 20

CVEs 9

Package updates are available for Amazon Linux AMI that fix the following vulnerabilities:
CVE-2023-45862:
An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation.

CVE-2023-2985:
A use-after-free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service.

CVE-2023-26545:
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

CVE-2023-2162:
A use-after-free flaw was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information.

CVE-2023-1998:
When plain IBRS is enabled (not enhanced IBRS), the logic in spectre_v2_user_select_mitigation() determines that STIBP is not needed. The IBRS bit implicitly protects against cross-thread branch target
injection. However, with legacy IBRS, the IBRS bit is cleared on returning to userspace for performance reasons which leaves userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.

CVE-2023-1829:
A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.
We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.

CVE-2023-1281:
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.

CVE-2023-0458:
Detected a few exploitable gadgets that could leak secret memory through a side-channel such as MDS as well as insufficient hardening of the usercopy functions against spectre-v1.

Package	Affected Version
pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/perf?arch=i686&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/perf-debuginfo?arch=i686&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel?arch=i686&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-tools?arch=i686&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-tools-devel?arch=i686&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=i686&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-devel?arch=i686&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-debuginfo?arch=i686&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-1	< 4.14.309-159.529.amzn1
pkg:rpm/amazonlinux/kernel-debuginfo-common-i686?arch=i686&distro=amazonlinux-1	< 4.14.309-159.529.amzn1

ID

ALAS-2023-1701

Severity

important

URL

https://alas.aws.amazon.com/ALAS-2023-1701.html

Published

2023-03-17T15:53:00
(18 months ago)

Modified

2023-10-25T21:00:00
(10 months ago)

Rights

Amazon Linux Security Team

Other Advisories

Source	# ID	URL
CVE	CVE-2023-0458	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0458
CVE	CVE-2023-1281	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1281
CVE	CVE-2023-1829	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1829
CVE	CVE-2023-1998	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1998
CVE	CVE-2023-2162	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2162
CVE	CVE-2023-26545	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26545
CVE	CVE-2023-2985	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2985
CVE	CVE-2023-45862	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45862

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-1	amazonlinux	perf	< 4.14.309-159.529.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/perf?arch=i686&distro=amazonlinux-1	amazonlinux	perf	< 4.14.309-159.529.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-1	amazonlinux	perf-debuginfo	< 4.14.309-159.529.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/perf-debuginfo?arch=i686&distro=amazonlinux-1	amazonlinux	perf-debuginfo	< 4.14.309-159.529.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel	< 4.14.309-159.529.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel?arch=i686&distro=amazonlinux-1	amazonlinux	kernel	< 4.14.309-159.529.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-tools	< 4.14.309-159.529.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-tools?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-tools	< 4.14.309-159.529.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-tools-devel	< 4.14.309-159.529.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-tools-devel?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-tools-devel	< 4.14.309-159.529.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-tools-debuginfo	< 4.14.309-159.529.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-tools-debuginfo	< 4.14.309-159.529.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-headers	< 4.14.309-159.529.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-headers	< 4.14.309-159.529.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-devel	< 4.14.309-159.529.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-devel?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-devel	< 4.14.309-159.529.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-debuginfo	< 4.14.309-159.529.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-debuginfo?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-debuginfo	< 4.14.309-159.529.amzn1	amazonlinux-1	i686
Affected	pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-1	amazonlinux	kernel-debuginfo-common-x86_64	< 4.14.309-159.529.amzn1	amazonlinux-1	x86_64
Affected	pkg:rpm/amazonlinux/kernel-debuginfo-common-i686?arch=i686&distro=amazonlinux-1	amazonlinux	kernel-debuginfo-common-i686	< 4.14.309-159.529.amzn1	amazonlinux-1	i686

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date