[ALAS2-2023-1987] Amazon Linux 2 2017.12 - ALAS2-2023-1987: important priority package update for kernel

Severity Important

Affected Packages 26

CVEs 11

Package updates are available for Amazon Linux 2 that fix the following vulnerabilities:
CVE-2023-45862:
An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation.

CVE-2023-3161:
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing a font->width and font->height greater than 32 to the fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs, leading to undefined behavior and possible denial of service.

CVE-2023-2985:
A use-after-free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service.

CVE-2023-26545:
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

CVE-2023-2162:
A use-after-free flaw was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information.

CVE-2023-1998:
When plain IBRS is enabled (not enhanced IBRS), the logic in spectre_v2_user_select_mitigation() determines that STIBP is not needed. The IBRS bit implicitly protects against cross-thread branch target
injection. However, with legacy IBRS, the IBRS bit is cleared on returning to userspace for performance reasons which leaves userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.

CVE-2023-1829:
A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.
We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.

CVE-2023-1281:
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.

CVE-2023-0458:
Detected a few exploitable gadgets that could leak secret memory through a side-channel such as MDS as well as insufficient hardening of the usercopy functions against spectre-v1.

Package	Affected Version
pkg:rpm/amazonlinux/python-perf?arch=x86_64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/python-perf?arch=aarch64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/python-perf-debuginfo?arch=x86_64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/python-perf-debuginfo?arch=aarch64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/perf?arch=aarch64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/perf-debuginfo?arch=aarch64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel?arch=aarch64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-tools?arch=aarch64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-tools-devel?arch=aarch64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=aarch64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-livepatch-4.14.309-231.529?arch=x86_64&distro=amazonlinux-2	< 1.0-0.amzn2
pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-headers?arch=aarch64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-devel?arch=aarch64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-debuginfo?arch=aarch64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2
pkg:rpm/amazonlinux/kernel-debuginfo-common-aarch64?arch=aarch64&distro=amazonlinux-2	< 4.14.309-231.529.amzn2

ID

ALAS2-2023-1987

Severity

important

URL

https://alas.aws.amazon.com/AL2/ALAS-2023-1987.html

Published

2023-03-17T16:34:00
(18 months ago)

Modified

2023-10-25T21:40:00
(10 months ago)

Rights

Amazon Linux Security Team

Other Advisories

Source	# ID	URL
CVE	CVE-2023-0458	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0458
CVE	CVE-2023-1281	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1281
CVE	CVE-2023-1829	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1829
CVE	CVE-2023-1998	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1998
CVE	CVE-2023-2162	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2162
CVE	CVE-2023-26545	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26545
CVE	CVE-2023-2985	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2985
CVE	CVE-2023-3161	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3161
CVE	CVE-2023-45862	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45862

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/amazonlinux/python-perf?arch=x86_64&distro=amazonlinux-2	amazonlinux	python-perf	< 4.14.309-231.529.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/python-perf?arch=aarch64&distro=amazonlinux-2	amazonlinux	python-perf	< 4.14.309-231.529.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/python-perf-debuginfo?arch=x86_64&distro=amazonlinux-2	amazonlinux	python-perf-debuginfo	< 4.14.309-231.529.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/python-perf-debuginfo?arch=aarch64&distro=amazonlinux-2	amazonlinux	python-perf-debuginfo	< 4.14.309-231.529.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-2	amazonlinux	perf	< 4.14.309-231.529.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/perf?arch=aarch64&distro=amazonlinux-2	amazonlinux	perf	< 4.14.309-231.529.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-2	amazonlinux	perf-debuginfo	< 4.14.309-231.529.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/perf-debuginfo?arch=aarch64&distro=amazonlinux-2	amazonlinux	perf-debuginfo	< 4.14.309-231.529.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel	< 4.14.309-231.529.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel	< 4.14.309-231.529.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-tools	< 4.14.309-231.529.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-tools?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-tools	< 4.14.309-231.529.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-tools-devel	< 4.14.309-231.529.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-tools-devel?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-tools-devel	< 4.14.309-231.529.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-tools-debuginfo	< 4.14.309-231.529.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-tools-debuginfo	< 4.14.309-231.529.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-livepatch-4.14.309-231.529?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-livepatch-4.14.309-231.529	< 1.0-0.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-headers	< 4.14.309-231.529.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-2	amazonlinux	kernel-headers	< 4.14.309-231.529.amzn2	amazonlinux-2	i686
Affected	pkg:rpm/amazonlinux/kernel-headers?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-headers	< 4.14.309-231.529.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-devel	< 4.14.309-231.529.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-devel?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-devel	< 4.14.309-231.529.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-debuginfo	< 4.14.309-231.529.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-debuginfo?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-debuginfo	< 4.14.309-231.529.amzn2	amazonlinux-2	aarch64
Affected	pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-2	amazonlinux	kernel-debuginfo-common-x86_64	< 4.14.309-231.529.amzn2	amazonlinux-2	x86_64
Affected	pkg:rpm/amazonlinux/kernel-debuginfo-common-aarch64?arch=aarch64&distro=amazonlinux-2	amazonlinux	kernel-debuginfo-common-aarch64	< 4.14.309-231.529.amzn2	amazonlinux-2	aarch64

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date