[ALAS2-2018-1051] Amazon Linux 2 2017.12 - ALAS2-2018-1051: low priority package update for kernel
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities:
CVE-2018-13094:
An issue was discovered in the XFS filesystem in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel. A NULL pointer dereference may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp. This can lead to a system crash and a denial of service.
1597771:
CVE-2018-13094 kernel: NULL pointer dereference in xfs_da_shrink_inode function
CVE-2018-13093:
An issue was discovered in the XFS filesystem in fs/xfs/xfs_icache.c in the Linux kernel. There is a NULL pointer dereference leading to a system panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during an allocation.
1597766:
CVE-2018-13093 kernel: NULL pointer dereference in lookup_slow function
- ID
- ALAS2-2018-1051
- Severity
- low
- URL
- https://alas.aws.amazon.com/AL2/ALAS-2018-1051.html
- Published
-
2018-08-04T23:49:00
(6 years ago) - Modified
-
2018-08-06T18:37:00
(6 years ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
- ALAS-2018-1048
- ALAS2-2018-1050
- ELSA-2018-4299
- ELSA-2019-2029
- FEDORA-2018-0edb45d9db
- FEDORA-2018-1621b2204a
- FEDORA-2018-1c80fea1cd
- FEDORA-2018-2ee3411cb8
- FEDORA-2018-2f6df9abfb
- FEDORA-2018-3857a8b41a
- FEDORA-2018-49bda79bd5
- FEDORA-2018-50075276e8
- FEDORA-2018-59e4747e0f
- FEDORA-2018-6e8c330d50
- FEDORA-2018-79d7c3d2df
- FEDORA-2018-8422d94975
- FEDORA-2018-8484550fff
- FEDORA-2018-94315e9a6b
- FEDORA-2018-9f4381d8c4
- FEDORA-2018-a0914af224
- FEDORA-2018-b68776e5b0
- FEDORA-2018-c0a1284064
- FEDORA-2018-ca0e10fc6e
- FEDORA-2018-cc812838fb
- FEDORA-2018-d77cc41f35
- FEDORA-2018-ddbaca855e
- FEDORA-2018-e820fccd83
- FEDORA-2018-f8cba144ae
- FEDORA-2019-16de0047d4
- FEDORA-2019-196ab64d65
- FEDORA-2019-1b986880ea
- FEDORA-2019-20a89ca9af
- FEDORA-2019-337484d88b
- FEDORA-2019-3da64f3e61
- FEDORA-2019-4002b91800
- FEDORA-2019-509c133845
- FEDORA-2019-65c6d11eba
- FEDORA-2019-7d3500d712
- FEDORA-2019-a6cd583a8d
- FEDORA-2019-c36afa818c
- FEDORA-2019-ce2933b003
- RHSA-2019:2029
- RHSA-2019:2043
- SSA:2020-295-01
- SUSE-SU-2018:2775-1
- SUSE-SU-2018:2776-1
- SUSE-SU-2018:2858-1
- SUSE-SU-2018:2862-1
- SUSE-SU-2018:2908-1
- SUSE-SU-2018:2908-2
- SUSE-SU-2018:2980-1
- SUSE-SU-2018:2981-1
- SUSE-SU-2018:3083-1
- SUSE-SU-2018:3084-1
- SUSE-SU-2018:3961-1
- USN-3752-1
- USN-3752-2
- USN-3752-3
- USN-3753-1
- USN-3753-2
- USN-3754-1
- USN-4094-1
- USN-4118-1
- USN-4708-1
- USN-4709-1
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2018-13093 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13093 | |
CVE | CVE-2018-13094 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13094 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/amazonlinux/python-perf?arch=x86_64&distro=amazonlinux-2 | amazonlinux | python-perf | < 4.14.59-68.43.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/python-perf-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | python-perf-debuginfo | < 4.14.59-68.43.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-2 | amazonlinux | perf | < 4.14.59-68.43.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | perf-debuginfo | < 4.14.59-68.43.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel | < 4.14.59-68.43.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-tools | < 4.14.59-68.43.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-tools-devel | < 4.14.59-68.43.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-tools-debuginfo | < 4.14.59-68.43.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-headers | < 4.14.59-68.43.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-devel | < 4.14.59-68.43.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-debuginfo | < 4.14.59-68.43.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-debuginfo-common-x86_64 | < 4.14.59-68.43.amzn2 | amazonlinux-2 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |