[ALAS-2023-1827] Amazon Linux AMI 2014.03 - ALAS-2023-1827: important priority package update for kernel
Package updates are available for Amazon Linux AMI that fix the following vulnerabilities:
CVE-2023-4208:
A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation.
When u32_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free.
We recommend upgrading past commit 3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81.
CVE-2023-4206:
A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation.
When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free.
We recommend upgrading past commit b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8.
CVE-2023-4128:
A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue.
CVE-2023-34319:
A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service (DoS) of the host by sending network packets to the backend, causing the backend to crash.
CVE-2023-3390:
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.
Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.
We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.
- ID
- ALAS-2023-1827
- Severity
- important
- URL
- https://alas.aws.amazon.com/ALAS-2023-1827.html
- Published
-
2023-09-13T23:15:00
(12 months ago) - Modified
-
2023-09-27T22:15:00
(11 months ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
- ALAS-2023-1803
- ALAS2-2023-2206
- ALAS2-2023-2268
- ALSA-2023:5069
- ALSA-2023:5244
- ALSA-2023:7077
- DSA-5448-1
- DSA-5461-1
- DSA-5480-1
- DSA-5492-1
- ELSA-2023-12839
- ELSA-2023-12842
- ELSA-2023-12970
- ELSA-2023-5069
- ELSA-2023-6583
- ELSA-2023-7077
- ELSA-2023-7423
- FEDORA-2023-638681260a
- FEDORA-2023-d9509be489
- FEDORA-2023-ddfd3073b3
- FEDORA-2023-ee241dcf80
- MS:CVE-2023-4128
- MS:CVE-2023-4206
- MS:CVE-2023-4208
- RHSA-2023:5069
- RHSA-2023:5091
- RHSA-2023:5093
- RHSA-2023:5221
- RHSA-2023:5244
- RHSA-2023:5255
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2023:7419
- RHSA-2023:7423
- RHSA-2023:7424
- RLSA-2023:5244
- SSA:2023-325-01
- SUSE-SU-2023:3171-1
- SUSE-SU-2023:3172-1
- SUSE-SU-2023:3180-1
- SUSE-SU-2023:3182-1
- SUSE-SU-2023:3302-1
- SUSE-SU-2023:3318-1
- SUSE-SU-2023:3390-1
- SUSE-SU-2023:3391-1
- SUSE-SU-2023:3392-1
- SUSE-SU-2023:3421-1
- SUSE-SU-2023:3599-1
- SUSE-SU-2023:3599-2
- SUSE-SU-2023:3600-1
- SUSE-SU-2023:3600-2
- SUSE-SU-2023:3601-1
- SUSE-SU-2023:3656-1
- SUSE-SU-2023:3680-1
- SUSE-SU-2023:3681-1
- SUSE-SU-2023:3682-1
- SUSE-SU-2023:3683-1
- SUSE-SU-2023:3684-1
- SUSE-SU-2023:3687-1
- SUSE-SU-2023:3704-1
- SUSE-SU-2023:3705-1
- SUSE-SU-2023:3785-1
- SUSE-SU-2023:3964-1
- SUSE-SU-2023:3969-1
- SUSE-SU-2023:3971-1
- SUSE-SU-2023:3988-1
- SUSE-SU-2023:4166-1
- SUSE-SU-2023:4175-1
- SUSE-SU-2023:4201-1
- SUSE-SU-2023:4219-1
- SUSE-SU-2023:4239-1
- SUSE-SU-2023:4245-1
- SUSE-SU-2023:4267-1
- SUSE-SU-2023:4279-1
- SUSE-SU-2023:4285-1
- SUSE-SU-2023:4308-1
- SUSE-SU-2023:4326-1
- SUSE-SU-2024:1642-1
- SUSE-SU-2024:1643-1
- SUSE-SU-2024:1644-1
- SUSE-SU-2024:1645-1
- SUSE-SU-2024:1650-1
- SUSE-SU-2024:1659-1
- SUSE-SU-2024:1663-1
- SUSE-SU-2024:1983-1
- SUSE-SU-2024:2011-1
- SUSE-SU-2024:2135-1
- SUSE-SU-2024:2184-1
- SUSE-SU-2024:2189-1
- SUSE-SU-2024:2203-1
- SUSE-SU-2024:2973-1
- USN-6246-1
- USN-6250-1
- USN-6251-1
- USN-6252-1
- USN-6254-1
- USN-6255-1
- USN-6260-1
- USN-6261-1
- USN-6285-1
- USN-6343-1
- USN-6383-1
- USN-6385-1
- USN-6386-1
- USN-6386-2
- USN-6386-3
- USN-6387-1
- USN-6387-2
- USN-6388-1
- USN-6396-1
- USN-6396-2
- USN-6396-3
- USN-6439-1
- USN-6439-2
- USN-6440-1
- USN-6440-2
- USN-6440-3
- USN-6441-1
- USN-6441-2
- USN-6441-3
- USN-6442-1
- USN-6444-1
- USN-6444-2
- USN-6445-1
- USN-6445-2
- USN-6446-1
- USN-6446-2
- USN-6446-3
- USN-6466-1
- USN-6740-1
- XSA-432
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2023-3390 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3390 | |
CVE | CVE-2023-34319 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34319 | |
CVE | CVE-2023-4128 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4128 | |
CVE | CVE-2023-4206 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4206 | |
CVE | CVE-2023-4208 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4208 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-1 | amazonlinux | perf | < 4.14.322-170.535.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/perf?arch=i686&distro=amazonlinux-1 | amazonlinux | perf | < 4.14.322-170.535.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux | perf-debuginfo | < 4.14.322-170.535.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux | perf-debuginfo | < 4.14.322-170.535.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel | < 4.14.322-170.535.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel | < 4.14.322-170.535.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-tools | < 4.14.322-170.535.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-tools | < 4.14.322-170.535.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-tools-devel | < 4.14.322-170.535.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-tools-devel | < 4.14.322-170.535.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-tools-debuginfo | < 4.14.322-170.535.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-tools-debuginfo | < 4.14.322-170.535.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-headers | < 4.14.322-170.535.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-headers | < 4.14.322-170.535.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-devel | < 4.14.322-170.535.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-devel?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-devel | < 4.14.322-170.535.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-debuginfo | < 4.14.322-170.535.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-debuginfo | < 4.14.322-170.535.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-debuginfo-common-x86_64 | < 4.14.322-170.535.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-i686?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-debuginfo-common-i686 | < 4.14.322-170.535.amzn1 | amazonlinux-1 | i686 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |