[ALAS2-2022-1903] Amazon Linux 2 2017.12 - ALAS2-2022-1903: important priority package update for kernel
Severity
Important
Affected Packages
26
CVEs
3
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities:
CVE-2022-42896:
A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via Bluetooth if within proximity of the victim.
CVE-2022-3524:
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.
- ID
- ALAS2-2022-1903
- Severity
- important
- URL
- https://alas.aws.amazon.com/AL2/ALAS-2022-1903.html
- Published
-
2022-12-09T20:58:00
(21 months ago) - Modified
-
2022-12-13T00:01:00
(21 months ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
-
ALAS-2023-1707
-
ALSA-2023:2458
-
ALSA-2023:2951
-
ALSA-2023:4517
-
ELSA-2023-12017
-
ELSA-2023-12018
-
ELSA-2023-12109
-
ELSA-2023-12117
-
ELSA-2023-12118
-
ELSA-2023-12119
-
ELSA-2023-12121
-
ELSA-2023-2458
-
ELSA-2023-2951
-
ELSA-2023-4517
-
ELSA-2024-1249
-
RHSA-2023:2148
-
RHSA-2023:2458
-
RHSA-2023:2736
-
RHSA-2023:2951
-
RHSA-2023:4517
-
RHSA-2023:4531
-
RHSA-2023:4541
-
RHSA-2024:1249
-
RHSA-2024:1323
-
RHSA-2024:1332
-
RLSA-2023:4517
-
SSA:2022-333-01
-
SUSE-SU-2022:3897-1
-
SUSE-SU-2022:3929-1
-
SUSE-SU-2022:3930-1
-
SUSE-SU-2022:3998-1
-
SUSE-SU-2022:4053-1
-
SUSE-SU-2022:4072-1
-
SUSE-SU-2022:4272-1
-
SUSE-SU-2022:4273-1
-
SUSE-SU-2022:4503-1
-
SUSE-SU-2022:4504-1
-
SUSE-SU-2022:4505-1
-
SUSE-SU-2022:4561-1
-
SUSE-SU-2022:4566-1
-
SUSE-SU-2022:4573-1
-
SUSE-SU-2022:4574-1
-
SUSE-SU-2022:4585-1
-
SUSE-SU-2022:4589-1
-
SUSE-SU-2022:4611-1
-
SUSE-SU-2022:4613-1
-
SUSE-SU-2022:4614-1
-
SUSE-SU-2022:4615-1
-
SUSE-SU-2022:4616-1
-
SUSE-SU-2022:4617-1
-
SUSE-SU-2023:0416-1
-
SUSE-SU-2023:0420-1
-
USN-5754-1
-
USN-5754-2
-
USN-5755-1
-
USN-5755-2
-
USN-5756-1
-
USN-5756-2
-
USN-5756-3
-
USN-5757-1
-
USN-5757-2
-
USN-5758-1
-
USN-5773-1
-
USN-5774-1
-
USN-5779-1
-
USN-5780-1
-
USN-5783-1
-
USN-5789-1
-
USN-5794-1
-
USN-5802-1
-
USN-5803-1
-
USN-5804-1
-
USN-5804-2
-
USN-5808-1
-
USN-5809-1
-
USN-5813-1
-
USN-5814-1
-
USN-5829-1
-
USN-5830-1
-
USN-5831-1
-
USN-5832-1
-
USN-5860-1
-
USN-5861-1
-
USN-5863-1
-
USN-5875-1
-
USN-5877-1
-
USN-5879-1
-
USN-5914-1
-
USN-5918-1
-
USN-5975-1
-
USN-6000-1
-
USN-6001-1
-
USN-6007-1
-
USN-6013-1
-
USN-6014-1
-
USN-6031-1
-
USN-6032-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| CVE | CVE-2022-3524 |
|
|
| CVE | CVE-2022-42896 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/amazonlinux/python-perf?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
 python-perf
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/python-perf?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
python-perf
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/python-perf-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
python-perf-debuginfo
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/python-perf-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
python-perf-debuginfo
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
perf
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
perf
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
perf-debuginfo
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
perf-debuginfo
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-tools
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-tools
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-tools-devel
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-tools-devel
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-livepatch-4.14.301-224.520?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-livepatch-4.14.301-224.520
|
< 1.0-0.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-headers
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-2 | amazonlinux |
kernel-headers
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-headers
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-devel
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-devel
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-debuginfo
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-debuginfo
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-debuginfo-common-x86_64
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-aarch64?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-debuginfo-common-aarch64
|
< 4.14.301-224.520.amzn2 | amazonlinux-2 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |