[ALAS2-2021-1727] Amazon Linux 2 2017.12 - ALAS2-2021-1727: medium priority package update for kernel
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities:
CVE-2021-4002:
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.
2025726: CVE-2021-4002 kernel: possible leak or coruption of data residing on hugetlbfs
CVE-2021-3772:
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.
2000694: CVE-2021-3772 kernel: sctp: Invalid chunks may be used to remotely remove existing associations
CVE-2021-3640:
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.
1980646: CVE-2021-3640 kernel: use-after-free vulnerability in function sco_sock_sendmsg()
- ID
- ALAS2-2021-1727
- Severity
- medium
- URL
- https://alas.aws.amazon.com/AL2/ALAS-2021-1727.html
- Published
-
2021-12-08T02:23:00
(2 years ago) - Modified
-
2021-12-09T00:43:00
(2 years ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
- ALAS-2022-1563
- ALAS-2023-1688
- ALSA-2022:1988
- ALSA-2022:7683
- ALSA-2022:8267
- ALSA-2024:3618
- DSA-5096-1
- ELSA-2022-1988
- ELSA-2022-7683
- ELSA-2022-8267
- ELSA-2022-9147
- ELSA-2022-9148
- ELSA-2022-9260
- ELSA-2022-9313
- ELSA-2022-9314
- ELSA-2022-9348
- ELSA-2024-3618
- FEDORA-2021-19ad835cb3
- FEDORA-2021-a093973910
- MS:CVE-2021-3640
- MS:CVE-2021-3772
- MS:CVE-2021-4002
- openSUSE-SU-2021:1271-1
- openSUSE-SU-2021:1477-1
- openSUSE-SU-2021:3179-1
- openSUSE-SU-2021:3205-1
- openSUSE-SU-2021:3641-1
- openSUSE-SU-2021:3675-1
- openSUSE-SU-2021:3876-1
- openSUSE-SU-2022:0056-1
- openSUSE-SU-2022:0131-1
- openSUSE-SU-2022:0366-1
- RHSA-2022:1975
- RHSA-2022:1988
- RHSA-2022:7444
- RHSA-2022:7683
- RHSA-2022:7933
- RHSA-2022:8267
- RHSA-2024:3618
- RHSA-2024:3627
- RLSA-2022:1988
- RLSA-2022:7683
- RLSA-2024:3618
- SSA:2022-031-01
- SUSE-SU-2021:3177-1
- SUSE-SU-2021:3178-1
- SUSE-SU-2021:3179-1
- SUSE-SU-2021:3192-1
- SUSE-SU-2021:3205-1
- SUSE-SU-2021:3205-2
- SUSE-SU-2021:3206-1
- SUSE-SU-2021:3207-1
- SUSE-SU-2021:3217-1
- SUSE-SU-2021:3360-1
- SUSE-SU-2021:3361-1
- SUSE-SU-2021:3371-1
- SUSE-SU-2021:3374-1
- SUSE-SU-2021:3401-1
- SUSE-SU-2021:3440-1
- SUSE-SU-2021:3443-1
- SUSE-SU-2021:3459-1
- SUSE-SU-2021:3640-1
- SUSE-SU-2021:3641-1
- SUSE-SU-2021:3642-1
- SUSE-SU-2021:3658-1
- SUSE-SU-2021:3675-1
- SUSE-SU-2021:3723-1
- SUSE-SU-2021:3754-1
- SUSE-SU-2021:3848-1
- SUSE-SU-2021:3876-1
- SUSE-SU-2021:3929-1
- SUSE-SU-2021:3935-1
- SUSE-SU-2021:3969-1
- SUSE-SU-2021:3972-1
- SUSE-SU-2022:0056-1
- SUSE-SU-2022:0068-1
- SUSE-SU-2022:0079-1
- SUSE-SU-2022:0080-1
- SUSE-SU-2022:0090-1
- SUSE-SU-2022:0131-1
- SUSE-SU-2022:0181-1
- SUSE-SU-2022:0197-1
- SUSE-SU-2022:0362-1
- SUSE-SU-2022:0366-1
- SUSE-SU-2022:0367-1
- SUSE-SU-2022:0371-1
- SUSE-SU-2022:0477-1
- SUSE-SU-2024:1454-1
- SUSE-SU-2024:1465-1
- SUSE-SU-2024:1489-1
- SUSE-SU-2024:1490-1
- SUSE-SU-2024:1641-1
- SUSE-SU-2024:1642-1
- SUSE-SU-2024:1643-1
- SUSE-SU-2024:1644-1
- SUSE-SU-2024:1645-1
- SUSE-SU-2024:1646-1
- SUSE-SU-2024:1647-1
- SUSE-SU-2024:1648-1
- SUSE-SU-2024:1650-1
- SUSE-SU-2024:1659-1
- SUSE-SU-2024:1663-1
- SUSE-SU-2024:1870-1
- USN-5165-1
- USN-5206-1
- USN-5207-1
- USN-5208-1
- USN-5209-1
- USN-5210-1
- USN-5211-1
- USN-5218-1
- USN-5265-1
- USN-5267-1
- USN-5267-3
- USN-5268-1
- USN-5466-1
- USN-5467-1
- USN-6001-1
- USN-6013-1
- USN-6014-1
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2021-3640 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3640 | |
CVE | CVE-2021-3772 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3772 | |
CVE | CVE-2021-4002 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4002 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/amazonlinux/python-perf?arch=x86_64&distro=amazonlinux-2 | amazonlinux | python-perf | < 4.14.256-197.484.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/python-perf?arch=aarch64&distro=amazonlinux-2 | amazonlinux | python-perf | < 4.14.256-197.484.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/python-perf-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | python-perf-debuginfo | < 4.14.256-197.484.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/python-perf-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux | python-perf-debuginfo | < 4.14.256-197.484.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-2 | amazonlinux | perf | < 4.14.256-197.484.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/perf?arch=aarch64&distro=amazonlinux-2 | amazonlinux | perf | < 4.14.256-197.484.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | perf-debuginfo | < 4.14.256-197.484.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux | perf-debuginfo | < 4.14.256-197.484.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel | < 4.14.256-197.484.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel | < 4.14.256-197.484.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-tools | < 4.14.256-197.484.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-tools | < 4.14.256-197.484.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-tools-devel | < 4.14.256-197.484.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-tools-devel | < 4.14.256-197.484.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-tools-debuginfo | < 4.14.256-197.484.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-tools-debuginfo | < 4.14.256-197.484.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-livepatch-4.14.256-197.484?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-livepatch-4.14.256-197.484 | < 1.0-0.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-headers | < 4.14.256-197.484.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-2 | amazonlinux | kernel-headers | < 4.14.256-197.484.amzn2 | amazonlinux-2 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-headers | < 4.14.256-197.484.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-devel | < 4.14.256-197.484.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-devel?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-devel | < 4.14.256-197.484.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-debuginfo | < 4.14.256-197.484.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-debuginfo | < 4.14.256-197.484.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-debuginfo-common-x86_64 | < 4.14.256-197.484.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-aarch64?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-debuginfo-common-aarch64 | < 4.14.256-197.484.amzn2 | amazonlinux-2 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |