[ALAS2-2023-2325] Amazon Linux 2 2017.12 - ALAS2-2023-2325: important priority package update for cni-plugins
Severity
Important
Affected Packages
4
CVEs
1
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities:
CVE-2023-39325:
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Package | Affected Version |
---|---|
pkg:rpm/amazonlinux/cni-plugins?arch=x86_64&distro=amazonlinux-2 | < 1.2.0-1.amzn2.0.4 |
pkg:rpm/amazonlinux/cni-plugins?arch=aarch64&distro=amazonlinux-2 | < 1.2.0-1.amzn2.0.4 |
pkg:rpm/amazonlinux/cni-plugins-debuginfo?arch=x86_64&distro=amazonlinux-2 | < 1.2.0-1.amzn2.0.4 |
pkg:rpm/amazonlinux/cni-plugins-debuginfo?arch=aarch64&distro=amazonlinux-2 | < 1.2.0-1.amzn2.0.4 |
- ID
- ALAS2-2023-2325
- Severity
- important
- URL
- https://alas.aws.amazon.com/AL2/ALAS-2023-2325.html
- Published
-
2023-10-30T23:59:00
(10 months ago) - Modified
-
2023-11-01T22:21:00
(10 months ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
- ALAS-2023-1871
- ALAS-2024-1920
- ALAS2-2023-2313
- ALAS2-2023-2324
- ALAS2-2023-2326
- ALAS2-2023-2339
- ALAS2-2024-2424
- ALAS2-2024-2458
- ALPINE:CVE-2023-39325
- ALSA-2023:5721
- ALSA-2023:5738
- ALSA-2023:5863
- ALSA-2023:5867
- ALSA-2023:6077
- ELSA-2023-13028
- ELSA-2023-13029
- ELSA-2023-13053
- ELSA-2023-13054
- ELSA-2023-5721
- ELSA-2023-5738
- ELSA-2023-5863
- ELSA-2023-5867
- FEDORA-2023-0d46257314
- FEDORA-2023-257f33c602
- FEDORA-2023-327346caa5
- FEDORA-2023-3a895ff65c
- FEDORA-2023-4bf641255e
- FEDORA-2023-5029b92850
- FEDORA-2023-548163deb1
- FEDORA-2023-66966ae3d0
- FEDORA-2023-6f4c5b6331
- FEDORA-2023-822aab0a5a
- FEDORA-2023-a5a5542890
- FEDORA-2023-b43faebc9f
- FEDORA-2023-b60ff8c9ec
- FEDORA-2023-b75ee820ce
- FEDORA-2023-c858d2c53b
- FEDORA-2023-d58c8eeb7c
- FEDORA-2023-e359fd31d2
- FEDORA-2023-e3e4e3f51a
- FEDORA-2023-fa2d7b25d9
- FEDORA-2023-fa2ec3d3e0
- FEDORA-2023-fe53e13b5b
- FEDORA-2024-07c811c7a5
- FEDORA-2024-0ac454dafc
- FEDORA-2024-0d4d9925a2
- FEDORA-2024-35c28f59d1
- FEDORA-2024-5d8e87ec66
- FEDORA-2024-80e062d21a
- FEDORA-2024-9cc0e0c63e
- FEDORA-2024-ae653fb07b
- FEDORA-2024-b85b97c0e9
- FEDORA-2024-c3e32c5635
- FEDORA-2024-cafa04a149
- FEDORA-2024-d652859efb
- FEDORA-2024-f99ecead66
- FEDORA-2024-fb32950d11
- FEDORA-2024-fd3545a844
- FREEBSD:7A1B2624-6A89-11EE-AF06-5404A68AD561
- GLSA-202311-09
- GO-2023-2102
- openSUSE-SU-2023:0360-1
- RHSA-2023:5721
- RHSA-2023:5738
- RHSA-2023:5835
- RHSA-2023:5863
- RHSA-2023:5867
- RHSA-2023:6077
- RLSA-2023:5863
- RLSA-2023:6077
- SUSE-SU-2023:4068-1
- SUSE-SU-2023:4069-1
- SUSE-SU-2023:4469-1
- SUSE-SU-2023:4472-1
- SUSE-SU-2024:3094-1
- SUSE-SU-2024:3097-1
- SUSE-SU-2024:3098-1
- USN-6574-1
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2023-39325 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/amazonlinux/cni-plugins?arch=x86_64&distro=amazonlinux-2 | amazonlinux | cni-plugins | < 1.2.0-1.amzn2.0.4 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/cni-plugins?arch=aarch64&distro=amazonlinux-2 | amazonlinux | cni-plugins | < 1.2.0-1.amzn2.0.4 | amazonlinux-2 | aarch64 | |
Affected | pkg:rpm/amazonlinux/cni-plugins-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux | cni-plugins-debuginfo | < 1.2.0-1.amzn2.0.4 | amazonlinux-2 | x86_64 | |
Affected | pkg:rpm/amazonlinux/cni-plugins-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux | cni-plugins-debuginfo | < 1.2.0-1.amzn2.0.4 | amazonlinux-2 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |