[ALAS2-2021-1636] Amazon Linux 2 2017.12 - ALAS2-2021-1636: medium priority package update for kernel

Severity Medium

Affected Packages 26

CVEs 9

Package updates are available for Amazon Linux 2 that fix the following vulnerabilities:
CVE-2021-31829:
A flaw was found in the Linux kernel's eBPF verification code. By default, accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. This flaw allows a local user who can insert eBPF instructions, to use the eBPF verifier to abuse a spectre-like flaw and infer all system memory. The highest threat from this vulnerability is to confidentiality.
1957788: CVE-2021-31829 kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory

CVE-2021-29155:
A vulnerability was discovered in retrieve_ptr_limit in kernel/bpf/verifier.c in the Linux kernel mechanism to mitigate speculatively out-of-bounds loads (Spectre mitigation). In this flaw a local,
special user privileged (CAP_SYS_ADMIN) BPF program running on affected systems may bypass the protection, and execute speculatively out-of-bounds loads from the kernel memory. This can be abused to extract contents of kernel memory via side-channel.
1951595: CVE-2021-29155 kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory

CVE-2021-23133:
A use-after-free flaw was found in the Linux kernel's SCTP socket functionality that triggers a race condition. This flaw allows a local user to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
1948772: CVE-2021-23133 kernel: Race condition in sctp_destroy_sock list_del

CVE-2020-29374:
An issue was discovered in the Linux kernel related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access.
1903249: CVE-2020-29374 kernel: the get_user_pages implementation when used for a copy-on-write page does not properly consider the semantics of read operations and therefore can grant unintended write access

Package	Affected Version
pkg:rpm/amazonlinux/python-perf?arch=x86_64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/python-perf?arch=aarch64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/python-perf-debuginfo?arch=x86_64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/python-perf-debuginfo?arch=aarch64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/perf?arch=aarch64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/perf-debuginfo?arch=aarch64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel?arch=aarch64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-tools?arch=aarch64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-tools-devel?arch=aarch64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=aarch64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-livepatch-4.14.232-176.381?arch=x86_64&distro=amazonlinux-2	< 1.0-0.amzn2
pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-headers?arch=aarch64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-devel?arch=aarch64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-debuginfo?arch=aarch64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2
pkg:rpm/amazonlinux/kernel-debuginfo-common-aarch64?arch=aarch64&distro=amazonlinux-2	< 4.14.232-176.381.amzn2

ID

ALAS2-2021-1636

Severity

medium

URL

https://alas.aws.amazon.com/AL2/ALAS-2021-1636.html

Published

2021-05-20T15:51:00
(3 years ago)

Modified

2021-05-24T17:52:00
(3 years ago)

Rights

Amazon Linux Security Team

Other Advisories

Source	# ID	URL
CVE	CVE-2020-29374	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29374
CVE	CVE-2021-23133	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23133
CVE	CVE-2021-29155	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29155
CVE	CVE-2021-31829	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31829

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/amazonlinux/python-perf?arch=x86_64&distro=amazonlinux-2	amazonlinux	python-perf	< 4.14.232-176.381.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/python-perf?arch=aarch64&distro=amazonlinux-2	amazonlinux	python-perf	< 4.14.232-176.381.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/python-perf-debuginfo?arch=x86_64&distro=amazonlinux-2	amazonlinux	python-perf-debuginfo	< 4.14.232-176.381.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/python-perf-debuginfo?arch=aarch64&distro=amazonlinux-2	amazonlinux	python-perf-debuginfo	< 4.14.232-176.381.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-2	amazonlinux	perf	< 4.14.232-176.381.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/perf?arch=aarch64&distro=amazonlinux-2	amazonlinux	perf	< 4.14.232-176.381.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-2	amazonlinux	perf-debuginfo	< 4.14.232-176.381.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/perf-debuginfo?arch=aarch64&distro=amazonlinux-2	amazonlinux	perf-debuginfo	< 4.14.232-176.381.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel	< 4.14.232-176.381.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel	< 4.14.232-176.381.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-tools	< 4.14.232-176.381.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-tools?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-tools	< 4.14.232-176.381.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-tools-devel	< 4.14.232-176.381.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-tools-devel?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-tools-devel	< 4.14.232-176.381.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-tools-debuginfo	< 4.14.232-176.381.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-tools-debuginfo	< 4.14.232-176.381.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-livepatch-4.14.232-176.381?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-livepatch-4.14.232-176.381	< 1.0-0.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-headers	< 4.14.232-176.381.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-2	amazonlinux	kernel-headers	< 4.14.232-176.381.amzn2	amazonlinux-2	i686
Affected	pkg:rpm/amazonlinux/kernel-headers?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-headers	< 4.14.232-176.381.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-devel	< 4.14.232-176.381.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-devel?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-devel	< 4.14.232-176.381.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-debuginfo	< 4.14.232-176.381.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-debuginfo?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-debuginfo	< 4.14.232-176.381.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-debuginfo-common-x86_64	< 4.14.232-176.381.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-debuginfo-common-aarch64?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-debuginfo-common-aarch64	< 4.14.232-176.381.amzn2	amazonlinux-2	aarch64

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date