SB2017081724 - Amazon Linux AMI update for kernel
Published: August 17, 2017
Security Bulletin ID
SB2017081724
Severity
Medium
Patch available
YES
Number of vulnerabilities
3
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2017-11473)
The vulnerability allows a local attacker to gain elevated privileges on the target system.The weakness exists in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c due to buffer overflow. A local attacker can submit a specially crafted ACPI table, trigger memory corruption and gain root privileges.
2) Race condition (CVE-ID: CVE-2017-7533)
The vulnerability allows a local user to execute arbitrary code with escalated privileges.The vulnerability exists due to a race condition in the fsnotify implementation in the Linux kernel through 4.12.4. A local user can create an application, which leverages simultaneous execution of the inotify_handle_event and vfs_rename functions and trigger memory corruption and denials of service attack or execute arbitrary code on the target system with root privileges.
Successful exploitation of this vulnerability may allow a local user to obtain elevated privileges on the system.
Note: this vulnerability is being active exploited in the wild for 32-bit systems in August 2017.
3) Denial of service (CVE-ID: CVE-2017-7542)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists in the ip6_find_1stfragopt function in net/ipv6/output_core.c due to leveraging the ability to open a raw socket. A local attacker can trigger integer overflow and infinite loop and cause a denial of service.
Remediation
Install update from vendor's website.