[ALAS2-2023-2027] Amazon Linux 2 2017.12 - ALAS2-2023-2027: important priority package update for kernel
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities:
CVE-2023-33203:
The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.
CVE-2023-23454:
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
CVE-2023-2194:
An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.
CVE-2023-2124:
An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2023-2002:
An insufficient permission check has been found in the Bluetooth subsystem of the Linux kernel when handling ioctl system calls of HCI sockets. This allows tasks without the proper CAP_NET_ADMIN capability to easily mark HCI sockets as trusted. Trusted sockets are intended to enable the sending and receiving of management commands and events, such as pairing or connecting with a new device. As a result, unprivileged users can acquire a trusted socket, leading to unauthorized execution of management commands. The exploit requires only the presence of a set of commonly used setuid programs (e.g., su, sudo).
CVE-2023-1838:
A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.
- ID: ALAS2-2023-2027
- Severity: important
- URL: https://alas.aws.amazon.com/AL2/ALAS-2023-2027.html
- Published: 2023-04-27T18:37:00 (16 months ago)
- Modified: 2023-08-03T18:09:00 (13 months ago)
- Rights: Amazon Linux Security Team
- Other Advisories:
- ALAS-2023-1735
- ALSA-2023:2951
- ALSA-2023:3723
- ALSA-2023:4517
- ALSA-2023:5244
- ALSA-2023:7077
- ALSA-2024:0897
- DSA-5324-1
- DSA-5448-1
- DSA-5480-1
- ELSA-2023-12196
- ELSA-2023-12206
- ELSA-2023-12207
- ELSA-2023-12375
- ELSA-2023-2951
- ELSA-2023-3723
- ELSA-2023-4517
- ELSA-2023-5244
- ELSA-2023-6583
- ELSA-2023-7077
- ELSA-2024-0897
- ELSA-2024-12169
- ELSA-2024-2004
- FEDORA-2023-00393126a0
- FEDORA-2023-26325e5399
- FEDORA-2023-dfd4a6e8f2
- MS:CVE-2023-23454
- RHSA-2023:2736
- RHSA-2023:2951
- RHSA-2023:3708
- RHSA-2023:3723
- RHSA-2023:4517
- RHSA-2023:4541
- RHSA-2023:5244
- RHSA-2023:5255
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2024:0881
- RHSA-2024:0897
- RHSA-2024:2003
- RHSA-2024:2004
- RLSA-2023:4517
- RLSA-2023:5244
- SSA:2023-048-01
- SSA:2023-172-02
- SSA:2023-325-01
- SUSE-SU-2023:0145-1
- SUSE-SU-2023:0152-1
- SUSE-SU-2023:0406-1
- SUSE-SU-2023:0407-1
- SUSE-SU-2023:0410-1
- SUSE-SU-2023:0420-1
- SUSE-SU-2023:0433-1
- SUSE-SU-2023:0485-1
- SUSE-SU-2023:0488-1
- SUSE-SU-2023:0591-1
- SUSE-SU-2023:0618-1
- SUSE-SU-2023:0774-1
- SUSE-SU-2023:1608-1
- SUSE-SU-2023:1801-1
- SUSE-SU-2023:1803-1
- SUSE-SU-2023:1848-1
- SUSE-SU-2023:1895-1
- SUSE-SU-2023:1897-1
- SUSE-SU-2023:1992-1
- SUSE-SU-2023:2146-1
- SUSE-SU-2023:2147-1
- SUSE-SU-2023:2148-1
- SUSE-SU-2023:2151-1
- SUSE-SU-2023:2156-1
- SUSE-SU-2023:2162-1
- SUSE-SU-2023:2163-1
- SUSE-SU-2023:2232-1
- SUSE-SU-2023:2367-1
- SUSE-SU-2023:2368-1
- SUSE-SU-2023:2369-1
- SUSE-SU-2023:2371-1
- SUSE-SU-2023:2376-1
- SUSE-SU-2023:2384-1
- SUSE-SU-2023:2385-1
- SUSE-SU-2023:2386-1
- SUSE-SU-2023:2389-1
- SUSE-SU-2023:2399-1
- SUSE-SU-2023:2401-1
- SUSE-SU-2023:2405-1
- SUSE-SU-2023:2413-1
- SUSE-SU-2023:2420-1
- SUSE-SU-2023:2422-1
- SUSE-SU-2023:2423-1
- SUSE-SU-2023:2425-1
- SUSE-SU-2023:2428-1
- SUSE-SU-2023:2429-1
- SUSE-SU-2023:2431-1
- SUSE-SU-2023:2442-1
- SUSE-SU-2023:2443-1
- SUSE-SU-2023:2448-1
- SUSE-SU-2023:2450-1
- SUSE-SU-2023:2453-1
- SUSE-SU-2023:2455-1
- SUSE-SU-2023:2459-1
- SUSE-SU-2023:2468-1
- SUSE-SU-2023:2500-1
- SUSE-SU-2023:2501-1
- SUSE-SU-2023:2502-1
- SUSE-SU-2023:2506-1
- SUSE-SU-2023:2507-1
- SUSE-SU-2023:2534-1
- SUSE-SU-2023:2537-1
- SUSE-SU-2023:2538-1
- SUSE-SU-2023:2611-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2651-1
- SUSE-SU-2023:2653-1
- SUSE-SU-2023:2782-1
- SUSE-SU-2023:2804-1
- SUSE-SU-2023:2805-1
- SUSE-SU-2023:2808-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2810-1
- SUSE-SU-2023:2822-1
- SUSE-SU-2023:2830-1
- SUSE-SU-2023:2834-1
- SUSE-SU-2023:2859-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:3035-1
- SUSE-SU-2023:3036-1
- SUSE-SU-2023:3046-1
- SUSE-SU-2023:3055-1
- SUSE-SU-2023:3063-1
- SUSE-SU-2023:3069-1
- SUSE-SU-2023:3073-1
- SUSE-SU-2023:3075-1
- SUSE-SU-2023:3076-1
- SUSE-SU-2023:3079-1
- SUSE-SU-2023:3081-1
- SUSE-SU-2023:3083-1
- SUSE-SU-2023:3104-1
- SUSE-SU-2023:3107-1
- SUSE-SU-2023:3111-1
- SUSE-SU-2023:3116-1
- SUSE-SU-2023:3153-1
- SUSE-SU-2023:4030-1
- SUSE-SU-2023:4095-1
- USN-5915-1
- USN-5917-1
- USN-5934-1
- USN-5939-1
- USN-5940-1
- USN-5951-1
- USN-5982-1
- USN-5987-1
- USN-6000-1
- USN-6004-1
- USN-6079-1
- USN-6091-1
- USN-6096-1
- USN-6173-1
- USN-6175-1
- USN-6186-1
- USN-6206-1
- USN-6224-1
- USN-6228-1
- USN-6231-1
- USN-6235-1
- USN-6252-1
- USN-6254-1
- USN-6283-1
- USN-6284-1
- USN-6300-1
- USN-6301-1
- USN-6311-1
- USN-6312-1
- USN-6314-1
- USN-6331-1
- USN-6332-1
- USN-6337-1
- USN-6340-1
- USN-6340-2
- USN-6347-1
- USN-6349-1
- USN-6357-1
- USN-6385-1
- USN-6397-1
- USN-6701-1
- USN-6701-2
- USN-6701-3
- USN-6701-4
- USN-6740-1
Source | ID | URL |
---|---|---|
CVE | CVE-2023-1838 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1838 |
CVE | CVE-2023-2002 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2002 |
CVE | CVE-2023-2124 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2124 |
CVE | CVE-2023-2194 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2194 |
CVE | CVE-2023-23454 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23454 |
CVE | CVE-2023-33203 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33203 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/amazonlinux/python-perf?arch=x86_64&distro=amazonlinux-2 | amazonlinux | python-perf | < 4.14.313-235.533.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/python-perf?arch=aarch64&distro=amazonlinux-2 | amazonlinux | python-perf | < 4.14.313-235.533.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/python-perf-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | python-perf-debuginfo | < 4.14.313-235.533.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/python-perf-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux | python-perf-debuginfo | < 4.14.313-235.533.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-2 | amazonlinux | perf | < 4.14.313-235.533.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/perf?arch=aarch64&distro=amazonlinux-2 | amazonlinux | perf | < 4.14.313-235.533.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | perf-debuginfo | < 4.14.313-235.533.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux | perf-debuginfo | < 4.14.313-235.533.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel | < 4.14.313-235.533.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel | < 4.14.313-235.533.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-tools | < 4.14.313-235.533.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-tools | < 4.14.313-235.533.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-tools-devel | < 4.14.313-235.533.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-tools-devel | < 4.14.313-235.533.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-tools-debuginfo | < 4.14.313-235.533.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-tools-debuginfo | < 4.14.313-235.533.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-livepatch-4.14.313-235.533?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-livepatch-4.14.313-235.533 | < 1.0-0.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-headers | < 4.14.313-235.533.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-2 | amazonlinux | kernel-headers | < 4.14.313-235.533.amzn2 | amazonlinux-2 | i686 | |
Affected | pkg:rpm/amazonlinux/kernel-headers?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-headers | < 4.14.313-235.533.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-devel | < 4.14.313-235.533.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-devel?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-devel | < 4.14.313-235.533.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-debuginfo | < 4.14.313-235.533.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-debuginfo | < 4.14.313-235.533.amzn2 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-2 | amazonlinux | kernel-debuginfo-common-x86_64 | < 4.14.313-235.533.amzn2 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-aarch64?arch=aarch64&distro=amazonlinux-2 | amazonlinux | kernel-debuginfo-common-aarch64 | < 4.14.313-235.533.amzn2 | amazonlinux-2 | aarch64 |