Risk | Low |
Patch available | YES |
Number of vulnerabilities | 11 |
CVE-ID | CVE-2017-1000407 CVE-2017-1000405 CVE-2017-16647 CVE-2017-16646 CVE-2017-16645 CVE-2017-16643 CVE-2017-16994 CVE-2017-16650 CVE-2017-16649 CVE-2017-15115 CVE-2016-5195 |
CWE-ID | CWE-399 CWE-362 CWE-476 CWE-20 CWE-125 CWE-200 CWE-369 CWE-416 |
Exploitation vector | Local |
Public exploit | Public exploit code for vulnerability #2 is available. Vulnerability #12 is being exploited in the wild. |
Vulnerable software | Amazon Linux AMI Operating systems & Components / Operating system |
Vendor | Amazon Web Services |
Security Bulletin
This security bulletin contains information about 11 vulnerabilities.
EUVDB-ID: #VU9655
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-1000407
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
Description: The vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to the possibility of flooding the diagnostic port 0x80. A local user can trigger an exception and cause a kernel panic.
Update the affected packages.
i686:
perf-4.9.70-22.55.amzn1.i686
kernel-4.9.70-22.55.amzn1.i686
kernel-debuginfo-common-i686-4.9.70-22.55.amzn1.i686
kernel-debuginfo-4.9.70-22.55.amzn1.i686
perf-debuginfo-4.9.70-22.55.amzn1.i686
kernel-tools-devel-4.9.70-22.55.amzn1.i686
kernel-headers-4.9.70-22.55.amzn1.i686
kernel-tools-4.9.70-22.55.amzn1.i686
kernel-devel-4.9.70-22.55.amzn1.i686
kernel-tools-debuginfo-4.9.70-22.55.amzn1.i686
noarch:
kernel-doc-4.9.70-22.55.amzn1.noarch
src:
kernel-4.9.70-22.55.amzn1.src
x86_64:
kernel-tools-4.9.70-22.55.amzn1.x86_64
kernel-devel-4.9.70-22.55.amzn1.x86_64
kernel-headers-4.9.70-22.55.amzn1.x86_64
kernel-4.9.70-22.55.amzn1.x86_64
perf-4.9.70-22.55.amzn1.x86_64
kernel-tools-devel-4.9.70-22.55.amzn1.x86_64
kernel-tools-debuginfo-4.9.70-22.55.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.9.70-22.55.amzn1.x86_64
perf-debuginfo-4.9.70-22.55.amzn1.x86_64
kernel-debuginfo-4.9.70-22.55.amzn1.x86_64
Vulnerable software versions
Amazon Linux AMI: All versions
External links: https://alas.aws.amazon.com/ALAS-2017-937.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9520
Risk: Low
CVSSv4.0: 5.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2017-1000405
Exploit availability: Yes
Description: The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the touch_pmd() function in the mmhugemem.c file when handling THPs. A local user can read read-only huge pages using the get_user_pages() function and overwrite arbitrary huge pages and files mapped via THP.
Successful exploitation of the vulnerability may allow an attacker to perform a denial of service (DoS) attack.
This vulnerability is a result of the patch for another privilege escalation vulnerability in the Linux kernel, known as Dirty Cow (CVE-2016-5195).
Update the affected packages.
Vulnerable software versions
Amazon Linux AMI: All versions
External links: https://alas.aws.amazon.com/ALAS-2017-937.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU9759
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-16647
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description: The vulnerability allows a local attacker to cause a DoS condition on the target system.
The weakness exists due to an error in drivers/net/usb/asix_devices.c in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger a NULL pointer dereference and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
Vulnerable software versions
Amazon Linux AMI: All versions
External links: https://alas.aws.amazon.com/ALAS-2017-937.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9760
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-16646
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability allows a local attacker to cause a DoS condition on the target system.
The weakness exists due to an error in drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger a BUG and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
Vulnerable software versions
Amazon Linux AMI: All versions
External links: https://alas.aws.amazon.com/ALAS-2017-937.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9761
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-16645
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description: The vulnerability allows a local attacker to cause a DoS condition on the target system.
The weakness exists due to an error in the ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger an out-of-bounds read in ims_pcu_parse_cdc_data and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
Vulnerable software versions
Amazon Linux AMI: All versions
External links: https://alas.aws.amazon.com/ALAS-2017-937.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9605
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-16643
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description: The vulnerability allows a local attacker to cause a DoS condition on the target system.
The weakness exists due to an out-of-bounds read in the parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel. A local attacker can use a specially crafted USB device and cause the service to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
Vulnerable software versions
Amazon Linux AMI: All versions
External links: https://alas.aws.amazon.com/ALAS-2017-937.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9765
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-16994
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description: The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists because the walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel mishandles holes in hugetlb ranges. A local attacker can make a specially crafted mincore() system call and obtain sensitive information from uninitialized kernel memory.
Update the affected packages.
Vulnerable software versions
Amazon Linux AMI: All versions
External links: https://alas.aws.amazon.com/ALAS-2017-937.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9762
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-16650
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
Description: The vulnerability allows a local attacker to cause a DoS condition on the target system.
The weakness exists due to an error in the qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger a divide-by-zero error and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
Vulnerable software versions
Amazon Linux AMI: All versions
External links: https://alas.aws.amazon.com/ALAS-2017-937.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9763
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-16649
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
Description: The vulnerability allows a local attacker to cause a DoS condition on the target system.
The weakness exists due to an error in the qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger a divide-by-zero error and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
Vulnerable software versions
Amazon Linux AMI: All versions
External links: https://alas.aws.amazon.com/ALAS-2017-937.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9764
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-15115
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description: The vulnerability allows a local attacker to cause a DoS condition on the target system.
The weakness exists because the sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel does not check whether the intended netns is used in a peel-off action. A local attacker can make specially crafted system calls, trigger a use-after-free error and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
Vulnerable software versions
Amazon Linux AMI: All versions
External links: https://alas.aws.amazon.com/ALAS-2017-937.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU1039
Risk: Medium
CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Green]
CVE-ID: CVE-2016-5195
Exploit availability: Yes
Description: The vulnerability allows a local user to obtain elevated privileges on the target system.
The weakness is due to a race condition in the kernel memory subsystem in the management of copy-on-write operations on read-only memory mappings, which lets attackers overwrite kernel memory and gain kernel-level privileges.
Successful exploitation of the vulnerability results in gaining root privileges on the vulnerable system.
Note: the vulnerability was being actively exploited.
Update the affected packages.
Vulnerable software versions
Amazon Linux AMI: All versions
External links: https://alas.aws.amazon.com/ALAS-2017-937.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.