[ALAS-2023-1838] Amazon Linux AMI 2014.03 - ALAS-2023-1838: important priority package update for kernel
Package updates are available for Amazon Linux AMI that fix the following vulnerabilities:
CVE-2023-4921:
A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.
When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().
We recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.
CVE-2023-4623:
A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.
If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.
We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.
CVE-2023-4622:
A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation.
The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.
We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.
CVE-2023-45871:
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.
CVE-2023-42755:
A flaw was found in rsvp_change(). The root cause is an slab-out-of-bound access, but since the offset to the original pointer is an unsign int
fully controlled by users, the behavior is usually a wild pointer access.
CVE-2023-42753:
The upstream commit describes this issue as follows:
The missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can lead to the use of wrong CIDR_POS(c)
for calculating array offsets, which can lead to integer underflow. As a result, it leads to slab out-of-bound access.
CVE-2023-4207:
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.
When fw_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free.
We recommend upgrading past commit 76e42ae831991c828cffa8c37736ebfb831ad5ec.
CVE-2023-39194:
net: xfrm: Fix xfrm_address_filter OOB read
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1492/
NOTE: https://git.kernel.org/linus/dfa73c17d55b921e1d4e154976de35317e43a93a (6.5-rc7)
CVE-2023-39193:
netfilter: xt_sctp: validate the flag_info count
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1491/
NOTE: https://git.kernel.org/linus/e99476497687ef9e850748fe6d232264f30bc8f9 (6.6-rc1)
CVE-2023-39192:
netfilter: xt_u32: validate user space input
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1490/
NOTE: https://git.kernel.org/linus/69c5d284f67089b4750d28ff6ac6f52ec224b330 (6.6-rc1)
CVE-2023-3772:
A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.
- ID
- ALAS-2023-1838
- Severity
- important
- URL
- https://alas.aws.amazon.com/ALAS-2023-1838.html
- Published
-
2023-09-27T22:15:00
(11 months ago) - Modified
-
2023-10-25T21:00:00
(10 months ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
- ALAS2-2023-2264
- ALSA-2023:7077
- ALSA-2024:0113
- ALSA-2024:0897
- ALSA-2024:3138
- DSA-5492-1
- ELSA-2023-12824
- ELSA-2023-12825
- ELSA-2023-12826
- ELSA-2023-12842
- ELSA-2023-12858
- ELSA-2023-12874
- ELSA-2023-12875
- ELSA-2023-12910
- ELSA-2023-12911
- ELSA-2023-12914
- ELSA-2023-12915
- ELSA-2023-13019
- ELSA-2023-13039
- ELSA-2023-13043
- ELSA-2023-13047
- ELSA-2023-6583
- ELSA-2023-7077
- ELSA-2023-7423
- ELSA-2023-7749
- ELSA-2024-0346
- ELSA-2024-0461
- ELSA-2024-0897
- ELSA-2024-12069
- ELSA-2024-12094
- ELSA-2024-12110
- ELSA-2024-12149
- ELSA-2024-12151
- ELSA-2024-12153
- ELSA-2024-12154
- ELSA-2024-12169
- ELSA-2024-12187
- ELSA-2024-12258
- ELSA-2024-1248
- ELSA-2024-1249
- ELSA-2024-1831
- ELSA-2024-2004
- ELSA-2024-2394
- ELSA-2024-3138
- MS:CVE-2023-4207
- MS:CVE-2023-4622
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2023:7419
- RHSA-2023:7423
- RHSA-2023:7424
- RHSA-2023:7734
- RHSA-2024:0089
- RHSA-2024:0113
- RHSA-2024:0134
- RHSA-2024:0340
- RHSA-2024:0346
- RHSA-2024:0347
- RHSA-2024:0371
- RHSA-2024:0876
- RHSA-2024:0881
- RHSA-2024:0897
- RHSA-2024:1249
- RHSA-2024:1323
- RHSA-2024:1332
- RHSA-2024:1960
- RHSA-2024:2003
- RHSA-2024:2004
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2024:3138
- SSA:2023-325-01
- SUSE-SU-2023:3599-1
- SUSE-SU-2023:3599-2
- SUSE-SU-2023:3600-1
- SUSE-SU-2023:3600-2
- SUSE-SU-2023:3601-1
- SUSE-SU-2023:3656-1
- SUSE-SU-2023:3680-1
- SUSE-SU-2023:3681-1
- SUSE-SU-2023:3682-1
- SUSE-SU-2023:3683-1
- SUSE-SU-2023:3684-1
- SUSE-SU-2023:3687-1
- SUSE-SU-2023:3704-1
- SUSE-SU-2023:3705-1
- SUSE-SU-2023:3785-1
- SUSE-SU-2023:3964-1
- SUSE-SU-2023:3969-1
- SUSE-SU-2023:3971-1
- SUSE-SU-2023:3988-1
- SUSE-SU-2023:4028-1
- SUSE-SU-2023:4030-1
- SUSE-SU-2023:4031-1
- SUSE-SU-2023:4032-1
- SUSE-SU-2023:4033-1
- SUSE-SU-2023:4035-1
- SUSE-SU-2023:4057-1
- SUSE-SU-2023:4058-1
- SUSE-SU-2023:4071-1
- SUSE-SU-2023:4072-1
- SUSE-SU-2023:4072-2
- SUSE-SU-2023:4093-1
- SUSE-SU-2023:4095-1
- SUSE-SU-2023:4142-1
- SUSE-SU-2023:4164-1
- SUSE-SU-2023:4165-1
- SUSE-SU-2023:4166-1
- SUSE-SU-2023:4175-1
- SUSE-SU-2023:4201-1
- SUSE-SU-2023:4204-1
- SUSE-SU-2023:4208-1
- SUSE-SU-2023:4219-1
- SUSE-SU-2023:4239-1
- SUSE-SU-2023:4243-1
- SUSE-SU-2023:4244-1
- SUSE-SU-2023:4245-1
- SUSE-SU-2023:4260-1
- SUSE-SU-2023:4261-1
- SUSE-SU-2023:4267-1
- SUSE-SU-2023:4273-1
- SUSE-SU-2023:4278-1
- SUSE-SU-2023:4279-1
- SUSE-SU-2023:4280-1
- SUSE-SU-2023:4285-1
- SUSE-SU-2023:4300-1
- SUSE-SU-2023:4301-1
- SUSE-SU-2023:4308-1
- SUSE-SU-2023:4313-1
- SUSE-SU-2023:4321-1
- SUSE-SU-2023:4322-1
- SUSE-SU-2023:4325-1
- SUSE-SU-2023:4326-1
- SUSE-SU-2023:4328-1
- SUSE-SU-2023:4343-1
- SUSE-SU-2023:4345-1
- SUSE-SU-2023:4347-1
- SUSE-SU-2023:4348-1
- SUSE-SU-2023:4358-1
- SUSE-SU-2023:4375-1
- SUSE-SU-2023:4377-1
- SUSE-SU-2023:4378-1
- SUSE-SU-2023:4414-1
- SUSE-SU-2023:4730-1
- SUSE-SU-2023:4731-1
- SUSE-SU-2023:4732-1
- SUSE-SU-2023:4733-1
- SUSE-SU-2023:4734-1
- SUSE-SU-2023:4735-1
- SUSE-SU-2023:4766-1
- SUSE-SU-2023:4775-1
- SUSE-SU-2023:4782-1
- SUSE-SU-2023:4783-1
- SUSE-SU-2023:4784-1
- SUSE-SU-2023:4795-1
- SUSE-SU-2023:4796-1
- SUSE-SU-2023:4799-1
- SUSE-SU-2023:4801-1
- SUSE-SU-2023:4802-1
- SUSE-SU-2023:4805-1
- SUSE-SU-2023:4810-1
- SUSE-SU-2023:4811-1
- SUSE-SU-2023:4817-1
- SUSE-SU-2023:4820-1
- SUSE-SU-2023:4822-1
- SUSE-SU-2023:4831-1
- SUSE-SU-2023:4833-1
- SUSE-SU-2023:4836-1
- SUSE-SU-2023:4841-1
- SUSE-SU-2023:4847-1
- SUSE-SU-2023:4848-1
- SUSE-SU-2023:4849-1
- SUSE-SU-2023:4862-1
- SUSE-SU-2023:4863-1
- SUSE-SU-2023:4866-1
- SUSE-SU-2023:4871-1
- SUSE-SU-2023:4872-1
- SUSE-SU-2023:4882-1
- SUSE-SU-2023:4883-1
- SUSE-SU-2024:0112-1
- SUSE-SU-2024:0469-1
- SUSE-SU-2024:0474-1
- SUSE-SU-2024:0478-1
- SUSE-SU-2024:0514-1
- SUSE-SU-2024:0515-1
- SUSE-SU-2024:0516-1
- SUSE-SU-2024:0622-1
- SUSE-SU-2024:0624-1
- SUSE-SU-2024:0655-1
- SUSE-SU-2024:0666-1
- SUSE-SU-2024:0685-1
- SUSE-SU-2024:0698-1
- SUSE-SU-2024:0727-1
- SUSE-SU-2024:1181-1
- SUSE-SU-2024:1183-1
- SUSE-SU-2024:1236-1
- SUSE-SU-2024:1246-1
- SUSE-SU-2024:1249-1
- SUSE-SU-2024:1251-1
- SUSE-SU-2024:1252-1
- SUSE-SU-2024:1257-1
- SUSE-SU-2024:1288-1
- SUSE-SU-2024:1299-1
- SUSE-SU-2024:1312-1
- SUSE-SU-2024:1979-1
- SUSE-SU-2024:1983-1
- SUSE-SU-2024:2008-1
- SUSE-SU-2024:2010-1
- SUSE-SU-2024:2019-1
- SUSE-SU-2024:2183-1
- SUSE-SU-2024:2184-1
- SUSE-SU-2024:2185-1
- SUSE-SU-2024:2190-1
- SUSE-SU-2024:2493-1
- SUSE-SU-2024:2561-1
- SUSE-SU-2024:2901-1
- USN-6415-1
- USN-6439-1
- USN-6439-2
- USN-6440-1
- USN-6440-2
- USN-6440-3
- USN-6441-1
- USN-6441-2
- USN-6441-3
- USN-6442-1
- USN-6443-1
- USN-6444-1
- USN-6444-2
- USN-6445-1
- USN-6445-2
- USN-6446-1
- USN-6446-2
- USN-6446-3
- USN-6454-1
- USN-6454-2
- USN-6454-3
- USN-6454-4
- USN-6460-1
- USN-6461-1
- USN-6462-1
- USN-6462-2
- USN-6464-1
- USN-6465-1
- USN-6465-2
- USN-6465-3
- USN-6466-1
- USN-6479-1
- USN-6494-1
- USN-6494-2
- USN-6495-1
- USN-6495-2
- USN-6496-1
- USN-6496-2
- USN-6502-1
- USN-6502-2
- USN-6502-3
- USN-6502-4
- USN-6503-1
- USN-6516-1
- USN-6520-1
- USN-6532-1
- USN-6534-1
- USN-6534-2
- USN-6534-3
- USN-6537-1
- USN-6548-1
- USN-6548-2
- USN-6548-3
- USN-6548-4
- USN-6548-5
- USN-6549-1
- USN-6549-2
- USN-6549-3
- USN-6549-4
- USN-6549-5
- USN-6572-1
- USN-6635-1
- USN-6681-1
- USN-6681-2
- USN-6681-3
- USN-6681-4
- USN-6699-1
- USN-6716-1
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2023-3772 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3772 | |
CVE | CVE-2023-39192 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39192 | |
CVE | CVE-2023-39193 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39193 | |
CVE | CVE-2023-39194 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39194 | |
CVE | CVE-2023-4207 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4207 | |
CVE | CVE-2023-42753 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42753 | |
CVE | CVE-2023-42755 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42755 | |
CVE | CVE-2023-45871 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45871 | |
CVE | CVE-2023-4622 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4622 | |
CVE | CVE-2023-4623 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4623 | |
CVE | CVE-2023-4921 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4921 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-1 | amazonlinux | perf | < 4.14.326-171.539.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/perf?arch=i686&distro=amazonlinux-1 | amazonlinux | perf | < 4.14.326-171.539.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux | perf-debuginfo | < 4.14.326-171.539.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux | perf-debuginfo | < 4.14.326-171.539.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel | < 4.14.326-171.539.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel | < 4.14.326-171.539.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-tools | < 4.14.326-171.539.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-tools | < 4.14.326-171.539.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-tools-devel | < 4.14.326-171.539.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-tools-devel | < 4.14.326-171.539.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-tools-debuginfo | < 4.14.326-171.539.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-tools-debuginfo | < 4.14.326-171.539.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-headers | < 4.14.326-171.539.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-headers | < 4.14.326-171.539.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-devel | < 4.14.326-171.539.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-devel?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-devel | < 4.14.326-171.539.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-debuginfo | < 4.14.326-171.539.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-debuginfo | < 4.14.326-171.539.amzn1 | amazonlinux-1 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-1 | amazonlinux | kernel-debuginfo-common-x86_64 | < 4.14.326-171.539.amzn1 | amazonlinux-1 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-i686?arch=i686&distro=amazonlinux-1 | amazonlinux | kernel-debuginfo-common-i686 | < 4.14.326-171.539.amzn1 | amazonlinux-1 | i686 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |