[ALAS2-2024-2569] Amazon Linux 2 2017.12 - ALAS2-2024-2569: important priority package update for kernel
Severity
Important
Affected Packages
26
CVEs
5
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities:
CVE-2022-2977:
A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system.
- ID
- ALAS2-2024-2569
- Severity
- important
- URL
- https://alas.aws.amazon.com/AL2/ALAS-2024-2569.html
- Published
-
2024-06-06T20:17:00
(3 months ago) - Modified
-
2024-06-06T20:17:00
(3 months ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
-
ALAS-2022-1591
-
ALAS2-2022-1793
-
ALSA-2022:1988
-
ALSA-2022:7110
-
ALSA-2022:8267
-
ALSA-2023:5069
-
ALSA-2024:0897
-
DSA-5127-1
-
DSA-5173-1
-
ELSA-2022-1988
-
ELSA-2022-7110
-
ELSA-2022-8267
-
ELSA-2022-9479
-
ELSA-2022-9480
-
ELSA-2022-9761
-
ELSA-2023-12160
-
ELSA-2023-5069
-
ELSA-2024-0461
-
ELSA-2024-0897
-
ELSA-2024-12094
-
ELSA-2024-12169
-
FEDORA-2022-9342e59a98
-
FEDORA-2022-de4474b89d
-
MS:CVE-2022-1011
-
MS:CVE-2022-1353
-
MS:CVE-2022-2977
-
MS:CVE-2022-41858
-
RHSA-2022:1975
-
RHSA-2022:1988
-
RHSA-2022:7110
-
RHSA-2022:7134
-
RHSA-2022:7933
-
RHSA-2022:8267
-
RHSA-2023:5069
-
RHSA-2023:5091
-
RHSA-2023:5244
-
RHSA-2023:5255
-
RHSA-2024:0881
-
RHSA-2024:0897
-
RLSA-2022:1988
-
RLSA-2022:7110
-
SSA:2022-129-01
-
SUSE-SU-2022:1163-1
-
SUSE-SU-2022:1183-1
-
SUSE-SU-2022:1318-1
-
SUSE-SU-2022:1320-1
-
SUSE-SU-2022:1322-1
-
SUSE-SU-2022:1326-1
-
SUSE-SU-2022:1329-1
-
SUSE-SU-2022:1335-1
-
SUSE-SU-2022:1369-1
-
SUSE-SU-2022:1407-1
-
SUSE-SU-2022:1440-1
-
SUSE-SU-2022:1453-1
-
SUSE-SU-2022:1486-1
-
SUSE-SU-2022:1593-1
-
SUSE-SU-2022:1598-1
-
SUSE-SU-2022:1611-1
-
SUSE-SU-2022:1634-1
-
SUSE-SU-2022:1641-1
-
SUSE-SU-2022:1651-1
-
SUSE-SU-2022:1668-1
-
SUSE-SU-2022:1669-1
-
SUSE-SU-2022:1676-1
-
SUSE-SU-2022:1686-1
-
SUSE-SU-2022:1687-1
-
SUSE-SU-2022:2077-1
-
SUSE-SU-2022:2082-1
-
SUSE-SU-2022:2083-1
-
SUSE-SU-2022:2103-1
-
SUSE-SU-2022:2104-1
-
SUSE-SU-2022:2111-1
-
SUSE-SU-2022:3264-1
-
SUSE-SU-2022:3265-1
-
SUSE-SU-2022:3274-1
-
SUSE-SU-2022:3282-1
-
SUSE-SU-2022:3288-1
-
SUSE-SU-2022:3291-1
-
SUSE-SU-2022:3293-1
-
SUSE-SU-2022:3408-1
-
SUSE-SU-2022:3422-1
-
SUSE-SU-2022:3450-1
-
SUSE-SU-2022:3609-1
-
SUSE-SU-2022:3809-1
-
SUSE-SU-2022:4503-1
-
SUSE-SU-2022:4504-1
-
SUSE-SU-2022:4505-1
-
SUSE-SU-2022:4561-1
-
SUSE-SU-2022:4566-1
-
SUSE-SU-2022:4573-1
-
SUSE-SU-2022:4574-1
-
SUSE-SU-2022:4585-1
-
SUSE-SU-2022:4589-1
-
SUSE-SU-2022:4611-1
-
SUSE-SU-2022:4613-1
-
SUSE-SU-2022:4614-1
-
SUSE-SU-2022:4615-1
-
SUSE-SU-2022:4616-1
-
SUSE-SU-2022:4617-1
-
SUSE-SU-2023:0416-1
-
SUSE-SU-2023:1802-1
-
SUSE-SU-2023:1897-1
-
SUSE-SU-2023:1992-1
-
SUSE-SU-2023:2502-1
-
SUSE-SU-2023:2611-1
-
SUSE-SU-2023:2646-1
-
SUSE-SU-2023:2651-1
-
SUSE-SU-2023:2804-1
-
SUSE-SU-2023:2808-1
-
SUSE-SU-2023:2809-1
-
SUSE-SU-2023:2822-1
-
SUSE-SU-2023:2830-1
-
SUSE-SU-2023:2871-1
-
SUSE-SU-2023:3324-1
-
USN-5381-1
-
USN-5467-1
-
USN-5469-1
-
USN-5500-1
-
USN-5505-1
-
USN-5513-1
-
USN-5515-1
-
USN-5541-1
-
USN-5884-1
-
USN-5926-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| CVE | CVE-2022-2977 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/amazonlinux/python-perf?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
 python-perf
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/python-perf?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
python-perf
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/python-perf-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
python-perf-debuginfo
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/python-perf-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
python-perf-debuginfo
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/perf?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
perf
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
perf
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
perf-debuginfo
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/perf-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
perf-debuginfo
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-tools
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-tools
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-tools-devel
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-devel?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-tools-devel
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-tools-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-tools-debuginfo
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-livepatch-4.14.276-211.499?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-livepatch-4.14.276-211.499
|
< 1.0-0.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-headers
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=i686&distro=amazonlinux-2 | amazonlinux |
kernel-headers
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/kernel-headers?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-headers
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-devel
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-devel?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-devel
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-debuginfo
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-debuginfo
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
kernel-debuginfo-common-x86_64
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/kernel-debuginfo-common-aarch64?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
kernel-debuginfo-common-aarch64
|
< 4.14.276-211.499.amzn2 | amazonlinux-2 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |