[ALAS-2023-1773] Amazon Linux AMI 2014.03 - ALAS-2023-1773: important priority package update for kernel
Package updates are available for Amazon Linux AMI that fix the following vulnerabilities:
CVE-2023-34256:
An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset.
CVE-2023-3111:
A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().
CVE-2023-28466:
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
CVE-2023-2269:
A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.
CVE-2022-34918:
A heap buffer overflow flaw was found in the Linux kernel's Netfilter subsystem in the way a user provides incorrect input of the NFT_DATA_VERDICT type. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2022-2586:
A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.
- ID: ALAS-2023-1773
- Severity: important
- URL: https://alas.aws.amazon.com/ALAS-2023-1773.html
- Published: 2023-06-21T19:11:00 (15 months ago)
- Modified: 2023-06-29T23:52:00 (14 months ago)
- Rights: Amazon Linux Security Team
- Other Advisories:
- ALAS2-2023-2100
- ALSA-2022:6610
- ALSA-2022:7683
- ALSA-2022:8267
- ALSA-2023:3723
- ALSA-2023:3819
- ALSA-2023:3847
- CISA-2024:0626
- DSA-5191-1
- DSA-5207-1
- DSA-5448-1
- DSA-5480-1
- ELSA-2022-6610
- ELSA-2022-7683
- ELSA-2022-8267
- ELSA-2022-9827
- ELSA-2022-9828
- ELSA-2022-9829
- ELSA-2022-9830
- ELSA-2023-12565
- ELSA-2023-12566
- ELSA-2023-12588
- ELSA-2023-12590
- ELSA-2023-12591
- ELSA-2023-12842
- ELSA-2023-3723
- ELSA-2023-3847
- ELSA-2024-12193
- FEDORA-2022-484e226872
- FEDORA-2022-9bbb1d9b7b
- FEDORA-2023-00393126a0
- FEDORA-2023-26325e5399
- FEDORA-2023-dfd4a6e8f2
- MS:CVE-2022-34918
- MS:CVE-2023-34256
- openSUSE-SU-2022:2549-1
- RHSA-2022:6582
- RHSA-2022:6592
- RHSA-2022:6610
- RHSA-2022:7444
- RHSA-2022:7683
- RHSA-2022:7933
- RHSA-2022:8267
- RHSA-2023:3708
- RHSA-2023:3723
- RHSA-2023:3819
- RHSA-2023:3847
- RLSA-2022:7683
- RLSA-2023:3847
- SSA:2022-237-02
- SSA:2023-172-02
- SUSE-SU-2022:2376-1
- SUSE-SU-2022:2424-1
- SUSE-SU-2022:2424-2
- SUSE-SU-2022:2520-1
- SUSE-SU-2022:2549-1
- SUSE-SU-2022:2615-1
- SUSE-SU-2022:2696-1
- SUSE-SU-2022:2726-1
- SUSE-SU-2022:2727-1
- SUSE-SU-2022:2732-1
- SUSE-SU-2022:2738-1
- SUSE-SU-2022:2759-1
- SUSE-SU-2022:2766-1
- SUSE-SU-2022:2770-1
- SUSE-SU-2022:2854-1
- SUSE-SU-2022:3585-1
- SUSE-SU-2022:3609-1
- SUSE-SU-2022:3704-1
- SUSE-SU-2022:3775-1
- SUSE-SU-2022:3809-1
- SUSE-SU-2022:3844-1
- SUSE-SU-2022:4617-1
- SUSE-SU-2023:1800-1
- SUSE-SU-2023:1802-1
- SUSE-SU-2023:1811-1
- SUSE-SU-2023:1892-1
- SUSE-SU-2023:1897-1
- SUSE-SU-2023:1992-1
- SUSE-SU-2023:2500-1
- SUSE-SU-2023:2501-1
- SUSE-SU-2023:2507-1
- SUSE-SU-2023:2534-1
- SUSE-SU-2023:2538-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2653-1
- SUSE-SU-2023:2679-1
- SUSE-SU-2023:2680-1
- SUSE-SU-2023:2681-1
- SUSE-SU-2023:2686-1
- SUSE-SU-2023:2687-1
- SUSE-SU-2023:2689-1
- SUSE-SU-2023:2694-1
- SUSE-SU-2023:2695-1
- SUSE-SU-2023:2697-1
- SUSE-SU-2023:2698-1
- SUSE-SU-2023:2701-1
- SUSE-SU-2023:2702-1
- SUSE-SU-2023:2703-1
- SUSE-SU-2023:2710-1
- SUSE-SU-2023:2714-1
- SUSE-SU-2023:2718-1
- SUSE-SU-2023:2719-1
- SUSE-SU-2023:2721-1
- SUSE-SU-2023:2724-1
- SUSE-SU-2023:2727-1
- SUSE-SU-2023:2731-1
- SUSE-SU-2023:2735-1
- SUSE-SU-2023:2741-1
- SUSE-SU-2023:2743-1
- SUSE-SU-2023:2755-1
- SUSE-SU-2023:2782-1
- SUSE-SU-2023:2803-1
- SUSE-SU-2023:2804-1
- SUSE-SU-2023:2808-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2820-1
- SUSE-SU-2023:2822-1
- SUSE-SU-2023:2830-1
- SUSE-SU-2023:2831-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:2892-1
- SUSE-SU-2023:3302-1
- SUSE-SU-2023:4348-1
- SUSE-SU-2023:4358-1
- SUSE-SU-2023:4377-1
- SUSE-SU-2024:0112-1
- SUSE-SU-2024:0113-1
- SUSE-SU-2024:0117-1
- SUSE-SU-2024:0118-1
- SUSE-SU-2024:0120-1
- SUSE-SU-2024:0463-1
- SUSE-SU-2024:0468-1
- SUSE-SU-2024:0469-1
- SUSE-SU-2024:0474-1
- SUSE-SU-2024:0476-1
- SUSE-SU-2024:0478-1
- SUSE-SU-2024:0483-1
- SUSE-SU-2024:0484-1
- SUSE-SU-2024:0514-1
- SUSE-SU-2024:0515-1
- SUSE-SU-2024:0516-1
- SUSE-SU-2024:1358-1
- SUSE-SU-2024:1491-1
- SUSE-SU-2024:1493-1
- SUSE-SU-2024:1505-1
- SUSE-SU-2024:1506-1
- SUSE-SU-2024:1537-1
- SUSE-SU-2024:1545-1
- SUSE-SU-2024:1551-1
- SUSE-SU-2024:1554-1
- SUSE-SU-2024:1558-1
- SUSE-SU-2024:1562-1
- SUSE-SU-2024:1580-1
- SUSE-SU-2024:1581-1
- SUSE-SU-2024:1582-1
- SUSE-SU-2024:1596-1
- USN-5540-1
- USN-5544-1
- USN-5545-1
- USN-5557-1
- USN-5560-1
- USN-5560-2
- USN-5562-1
- USN-5564-1
- USN-5565-1
- USN-5566-1
- USN-5567-1
- USN-5582-1
- USN-6033-1
- USN-6173-1
- USN-6175-1
- USN-6186-1
- USN-6221-1
- USN-6252-1
- USN-6283-1
- USN-6284-1
- USN-6300-1
- USN-6301-1
- USN-6309-1
- USN-6311-1
- USN-6312-1
- USN-6314-1
- USN-6327-1
- USN-6331-1
- USN-6332-1
- USN-6337-1
- USN-6340-1
- USN-6340-2
- USN-6342-1
- USN-6342-2
- USN-6347-1
- USN-6349-1
- USN-6357-1
- USN-6385-1
- USN-6397-1
- USN-6700-1
- USN-6700-2
- USN-6701-1
- USN-6701-2
- USN-6701-3
- USN-6701-4
Source | ID | Name | URL |
---|---|---|---|
CVE | CVE-2022-2586 | | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586 |
CVE | CVE-2022-34918 | | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34918 |
CVE | CVE-2023-2269 | | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2269 |
CVE | CVE-2023-28466 | | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28466 |
CVE | CVE-2023-3111 | | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3111 |
CVE | CVE-2023-34256 | | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34256 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-1 | amazonlinux | perf | < 4.14.318-166.529.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/perf?arch=i686&distro=amazonlinux-1 | amazonlinux | perf | < 4.14.318-166.529.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux | perf-debuginfo | < 4.14.318-166.529.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux | perf-debuginfo | < 4.14.318-166.529.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel | < 4.14.318-166.529.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel | < 4.14.318-166.529.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-tools | < 4.14.318-166.529.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-tools | < 4.14.318-166.529.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-tools-devel | < 4.14.318-166.529.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-tools-devel | < 4.14.318-166.529.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-tools-debuginfo | < 4.14.318-166.529.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-tools-debuginfo | < 4.14.318-166.529.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-headers | < 4.14.318-166.529.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-headers | < 4.14.318-166.529.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-devel | < 4.14.318-166.529.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-devel?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-devel | < 4.14.318-166.529.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-debuginfo | < 4.14.318-166.529.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-debuginfo | < 4.14.318-166.529.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-debuginfo-common-x86_64 | < 4.14.318-166.529.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-i686?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-debuginfo-common-i686 | < 4.14.318-166.529.amzn1 | amazonlinux-1 | i686 | |