[ALAS-2024-1919] Amazon Linux AMI 2014.03 - ALAS-2024-1919: important priority package update for kernel
Severity
Important
Affected Packages
20
CVEs
1
Package updates are available for Amazon Linux AMI that fix the following vulnerabilities:
CVE-2024-1086:
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.
We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
- ID
- ALAS-2024-1919
- Severity
- important
- URL
- https://alas.aws.amazon.com/ALAS-2024-1919.html
- Published
-
2024-02-14T20:03:00
(6 months ago) - Modified
-
2024-02-14T20:03:00
(6 months ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
-
ALAS2-2024-2453
-
ALSA-2024:1607
-
CISA-2024:0530
-
ELSA-2024-12255
-
ELSA-2024-12256
-
ELSA-2024-12257
-
ELSA-2024-12258
-
ELSA-2024-12259
-
ELSA-2024-12260
-
ELSA-2024-12265
-
ELSA-2024-12266
-
ELSA-2024-12270
-
ELSA-2024-12271
-
ELSA-2024-12274
-
ELSA-2024-12275
-
ELSA-2024-12378
-
ELSA-2024-1249
-
ELSA-2024-1607
-
ELSA-2024-2394
-
FEDORA-2024-2116a8468b
-
RHSA-2024:1249
-
RHSA-2024:1332
-
RHSA-2024:1607
-
RHSA-2024:1614
-
RHSA-2024:4073
-
RLSA-2024:1607
-
SSA:2024-157-01
-
SUSE-SU-2024:0463-1
-
SUSE-SU-2024:0468-1
-
SUSE-SU-2024:0469-1
-
SUSE-SU-2024:0474-1
-
SUSE-SU-2024:0476-1
-
SUSE-SU-2024:0478-1
-
SUSE-SU-2024:0483-1
-
SUSE-SU-2024:0484-1
-
SUSE-SU-2024:0514-1
-
SUSE-SU-2024:0515-1
-
SUSE-SU-2024:0516-1
-
SUSE-SU-2024:1358-1
-
SUSE-SU-2024:1359-1
-
SUSE-SU-2024:1364-1
-
SUSE-SU-2024:1373-1
-
SUSE-SU-2024:1380-1
-
SUSE-SU-2024:1382-1
-
SUSE-SU-2024:1386-1
-
SUSE-SU-2024:1388-1
-
SUSE-SU-2024:1390-1
-
SUSE-SU-2024:1400-1
-
SUSE-SU-2024:1401-1
-
SUSE-SU-2024:1405-1
-
SUSE-SU-2024:1406-1
-
SUSE-SU-2024:1410-1
-
SUSE-SU-2024:1418-1
-
SUSE-SU-2024:1493-1
-
SUSE-SU-2024:1505-1
-
SUSE-SU-2024:1506-1
-
SUSE-SU-2024:1537-1
-
SUSE-SU-2024:1545-1
-
SUSE-SU-2024:1551-1
-
SUSE-SU-2024:1554-1
-
SUSE-SU-2024:1558-1
-
SUSE-SU-2024:1562-1
-
SUSE-SU-2024:1580-1
-
SUSE-SU-2024:1581-1
-
SUSE-SU-2024:1582-1
-
SUSE-SU-2024:1596-1
-
USN-6688-1
-
USN-6700-1
-
USN-6700-2
-
USN-6701-1
-
USN-6701-2
-
USN-6701-3
-
USN-6701-4
-
USN-6702-1
-
USN-6702-2
-
USN-6704-1
-
USN-6704-2
-
USN-6704-3
-
USN-6704-4
-
USN-6705-1
-
USN-6707-1
-
USN-6707-2
-
USN-6707-3
-
USN-6707-4
-
USN-6716-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| CVE | CVE-2024-1086 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
 perf
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf?arch=i686&distro=amazonlinux-1 | amazonlinux |
perf
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
perf-debuginfo
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
perf-debuginfo
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools-devel
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools-devel
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-headers
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-headers
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-devel
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-devel
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo-common-x86_64
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-i686?arch=i686&distro=amazonlinux-1 | amazonlinux |
kernel-debuginfo-common-i686
|
< 4.14.336-179.559.amzn1 | amazonlinux-1 | i686 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |