Risk | Low |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2017-17741 CVE-2017-17448 CVE-2017-8824 CVE-2017-17712 CVE-2017-17450 |
CWE-ID | CWE-125 CWE-264 CWE-416 CWE-362 |
Exploitation vector | Local |
Public exploit | Public exploit code for vulnerability #3 is available. |
Vulnerable software | Amazon Linux AMI (Operating systems & Components / Operating system) |
Vendor | Amazon Web Services |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU9773
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-17741
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a local attacker to cause a DoS condition on the target system.
The weakness exists due to an error in the KVM implementation in the Linux kernel. A local attacker can trigger a stack-based out-of-bounds read in write_mmio, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h, and cause the system to crash or possibly have unspecified other impact.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
i686:
kernel-tools-debuginfo-4.9.77-31.58.amzn1.i686
kernel-debuginfo-common-i686-4.9.77-31.58.amzn1.i686
kernel-devel-4.9.77-31.58.amzn1.i686
kernel-headers-4.9.77-31.58.amzn1.i686
kernel-4.9.77-31.58.amzn1.i686
kernel-debuginfo-4.9.77-31.58.amzn1.i686
kernel-tools-4.9.77-31.58.amzn1.i686
kernel-tools-devel-4.9.77-31.58.amzn1.i686
perf-debuginfo-4.9.77-31.58.amzn1.i686
perf-4.9.77-31.58.amzn1.i686
noarch:
kernel-doc-4.9.77-31.58.amzn1.noarch
src:
kernel-4.9.77-31.58.amzn1.src
x86_64:
perf-4.9.77-31.58.amzn1.x86_64
kernel-devel-4.9.77-31.58.amzn1.x86_64
kernel-4.9.77-31.58.amzn1.x86_64
kernel-tools-debuginfo-4.9.77-31.58.amzn1.x86_64
kernel-tools-devel-4.9.77-31.58.amzn1.x86_64
kernel-headers-4.9.77-31.58.amzn1.x86_64
kernel-tools-4.9.77-31.58.amzn1.x86_64
perf-debuginfo-4.9.77-31.58.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.9.77-31.58.amzn1.x86_64
kernel-debuginfo-4.9.77-31.58.amzn1.x86_64
Vulnerable software versions
Amazon Linux AMI: All versions
External links
https://alas.aws.amazon.com/ALAS-2018-944.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9768
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-17448
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description
The vulnerability allows a local attacker to bypass security restrictions on the target system.
The weakness exists because net/netfilter/nfnetlink_cthelper.c in the Linux kernel does not require the CAP_NET_ADMIN capability for new, get, and del operations. A local attacker can bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces.
Update the affected packages.
i686:
kernel-tools-debuginfo-4.9.77-31.58.amzn1.i686
kernel-debuginfo-common-i686-4.9.77-31.58.amzn1.i686
kernel-devel-4.9.77-31.58.amzn1.i686
kernel-headers-4.9.77-31.58.amzn1.i686
kernel-4.9.77-31.58.amzn1.i686
kernel-debuginfo-4.9.77-31.58.amzn1.i686
kernel-tools-4.9.77-31.58.amzn1.i686
kernel-tools-devel-4.9.77-31.58.amzn1.i686
perf-debuginfo-4.9.77-31.58.amzn1.i686
perf-4.9.77-31.58.amzn1.i686
noarch:
kernel-doc-4.9.77-31.58.amzn1.noarch
src:
kernel-4.9.77-31.58.amzn1.src
x86_64:
perf-4.9.77-31.58.amzn1.x86_64
kernel-devel-4.9.77-31.58.amzn1.x86_64
kernel-4.9.77-31.58.amzn1.x86_64
kernel-tools-debuginfo-4.9.77-31.58.amzn1.x86_64
kernel-tools-devel-4.9.77-31.58.amzn1.x86_64
kernel-headers-4.9.77-31.58.amzn1.x86_64
kernel-tools-4.9.77-31.58.amzn1.x86_64
perf-debuginfo-4.9.77-31.58.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.9.77-31.58.amzn1.x86_64
kernel-debuginfo-4.9.77-31.58.amzn1.x86_64
Vulnerable software versions
Amazon Linux AMI: All versions
External links
https://alas.aws.amazon.com/ALAS-2018-944.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9767
Risk: Low
CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2017-8824
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
Description
The vulnerability allows a local attacker to gain elevated privileges or cause a DoS condition on the target system.
The weakness exists due to an error in the dccp_disconnect function in net/dccp/proto.c in the Linux kernel. A local attacker can make a specially crafted AF_UNSPEC connect system call during the DCCP_LISTEN state, trigger a use-after-free error and gain root privileges or cause the system to crash.
Update the affected packages.
i686:
kernel-tools-debuginfo-4.9.77-31.58.amzn1.i686
kernel-debuginfo-common-i686-4.9.77-31.58.amzn1.i686
kernel-devel-4.9.77-31.58.amzn1.i686
kernel-headers-4.9.77-31.58.amzn1.i686
kernel-4.9.77-31.58.amzn1.i686
kernel-debuginfo-4.9.77-31.58.amzn1.i686
kernel-tools-4.9.77-31.58.amzn1.i686
kernel-tools-devel-4.9.77-31.58.amzn1.i686
perf-debuginfo-4.9.77-31.58.amzn1.i686
perf-4.9.77-31.58.amzn1.i686
noarch:
kernel-doc-4.9.77-31.58.amzn1.noarch
src:
kernel-4.9.77-31.58.amzn1.src
x86_64:
perf-4.9.77-31.58.amzn1.x86_64
kernel-devel-4.9.77-31.58.amzn1.x86_64
kernel-4.9.77-31.58.amzn1.x86_64
kernel-tools-debuginfo-4.9.77-31.58.amzn1.x86_64
kernel-tools-devel-4.9.77-31.58.amzn1.x86_64
kernel-headers-4.9.77-31.58.amzn1.x86_64
kernel-tools-4.9.77-31.58.amzn1.x86_64
perf-debuginfo-4.9.77-31.58.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.9.77-31.58.amzn1.x86_64
kernel-debuginfo-4.9.77-31.58.amzn1.x86_64
Vulnerable software versions
Amazon Linux AMI: All versions
External links
https://alas.aws.amazon.com/ALAS-2018-944.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU9772
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-17712
Exploit availability: No
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to a race condition in inet->hdrincl in the raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel. A local attacker can trigger use of an uninitialized stack pointer and execute arbitrary code with root privileges.
Successful exploitation of the vulnerability may result in system compromise.
Update the affected packages.
i686:
kernel-tools-debuginfo-4.9.77-31.58.amzn1.i686
kernel-debuginfo-common-i686-4.9.77-31.58.amzn1.i686
kernel-devel-4.9.77-31.58.amzn1.i686
kernel-headers-4.9.77-31.58.amzn1.i686
kernel-4.9.77-31.58.amzn1.i686
kernel-debuginfo-4.9.77-31.58.amzn1.i686
kernel-tools-4.9.77-31.58.amzn1.i686
kernel-tools-devel-4.9.77-31.58.amzn1.i686
perf-debuginfo-4.9.77-31.58.amzn1.i686
perf-4.9.77-31.58.amzn1.i686
noarch:
kernel-doc-4.9.77-31.58.amzn1.noarch
src:
kernel-4.9.77-31.58.amzn1.src
x86_64:
perf-4.9.77-31.58.amzn1.x86_64
kernel-devel-4.9.77-31.58.amzn1.x86_64
kernel-4.9.77-31.58.amzn1.x86_64
kernel-tools-debuginfo-4.9.77-31.58.amzn1.x86_64
kernel-tools-devel-4.9.77-31.58.amzn1.x86_64
kernel-headers-4.9.77-31.58.amzn1.x86_64
kernel-tools-4.9.77-31.58.amzn1.x86_64
perf-debuginfo-4.9.77-31.58.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.9.77-31.58.amzn1.x86_64
kernel-debuginfo-4.9.77-31.58.amzn1.x86_64
Vulnerable software versions
Amazon Linux AMI: All versions
External links
https://alas.aws.amazon.com/ALAS-2018-944.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9770
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-17450
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description
The vulnerability allows a local attacker to bypass security restrictions on the target system.
The weakness exists because net/netfilter/xt_osf.c in the Linux kernel does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations. A local attacker can bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces.
Update the affected packages.
i686:
kernel-tools-debuginfo-4.9.77-31.58.amzn1.i686
kernel-debuginfo-common-i686-4.9.77-31.58.amzn1.i686
kernel-devel-4.9.77-31.58.amzn1.i686
kernel-headers-4.9.77-31.58.amzn1.i686
kernel-4.9.77-31.58.amzn1.i686
kernel-debuginfo-4.9.77-31.58.amzn1.i686
kernel-tools-4.9.77-31.58.amzn1.i686
kernel-tools-devel-4.9.77-31.58.amzn1.i686
perf-debuginfo-4.9.77-31.58.amzn1.i686
perf-4.9.77-31.58.amzn1.i686
noarch:
kernel-doc-4.9.77-31.58.amzn1.noarch
src:
kernel-4.9.77-31.58.amzn1.src
x86_64:
perf-4.9.77-31.58.amzn1.x86_64
kernel-devel-4.9.77-31.58.amzn1.x86_64
kernel-4.9.77-31.58.amzn1.x86_64
kernel-tools-debuginfo-4.9.77-31.58.amzn1.x86_64
kernel-tools-devel-4.9.77-31.58.amzn1.x86_64
kernel-headers-4.9.77-31.58.amzn1.x86_64
kernel-tools-4.9.77-31.58.amzn1.x86_64
perf-debuginfo-4.9.77-31.58.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.9.77-31.58.amzn1.x86_64
kernel-debuginfo-4.9.77-31.58.amzn1.x86_64
Vulnerable software versions
Amazon Linux AMI: All versions
External links
https://alas.aws.amazon.com/ALAS-2018-944.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.