Amazon Linux AMI update for kernel



Risk Medium
Patch available YES
Number of vulnerabilities 11
CVE-ID CVE-2020-14351
CVE-2020-25656
CVE-2020-25668
CVE-2020-25669
CVE-2020-25704
CVE-2020-27673
CVE-2020-27675
CVE-2020-27777
CVE-2020-28941
CVE-2020-28974
CVE-2020-8694
CWE-ID CWE-416
CWE-401
CWE-20
CWE-476
CWE-862
CWE-763
CWE-125
CWE-284
Exploitation vector Local
Public exploit N/A
Vulnerable software
Amazon Linux AMI
Operating systems & Components / Operating system

kernel
Operating systems & Components / Operating system package or component

Vendor Amazon Web Services

Security Bulletin

This security bulletin contains information about 11 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU51544

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-14351

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the perf subsystem. A local user with permission to monitor perf events cam corrupt memory and execute arbitrary code with elevated privileges.


Mitigation

Update the affected packages:

i686:
    kernel-debuginfo-common-i686-4.14.209-117.337.amzn1.i686
    kernel-tools-devel-4.14.209-117.337.amzn1.i686
    kernel-headers-4.14.209-117.337.amzn1.i686
    kernel-tools-4.14.209-117.337.amzn1.i686
    perf-4.14.209-117.337.amzn1.i686
    kernel-devel-4.14.209-117.337.amzn1.i686
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-debuginfo-4.14.209-117.337.amzn1.i686
    perf-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-4.14.209-117.337.amzn1.i686

src:
    kernel-4.14.209-117.337.amzn1.src

x86_64:
    kernel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-devel-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-tools-4.14.209-117.337.amzn1.x86_64
    kernel-headers-4.14.209-117.337.amzn1.x86_64
    perf-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-devel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.x86_64
    perf-4.14.209-117.337.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 4.14.209-117.337

CPE2.3 External links

https://alas.aws.amazon.com/ALAS-2021-1461.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU51547

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-25656

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error in the way the console subsystem uses KDGKBSENT and KDSKBSENT IOCTLs. A local user can run a specially crafted program to trigger an out-of-bounds read and gain access to sensitive information.


Mitigation

Update the affected packages:

i686:
    kernel-debuginfo-common-i686-4.14.209-117.337.amzn1.i686
    kernel-tools-devel-4.14.209-117.337.amzn1.i686
    kernel-headers-4.14.209-117.337.amzn1.i686
    kernel-tools-4.14.209-117.337.amzn1.i686
    perf-4.14.209-117.337.amzn1.i686
    kernel-devel-4.14.209-117.337.amzn1.i686
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-debuginfo-4.14.209-117.337.amzn1.i686
    perf-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-4.14.209-117.337.amzn1.i686

src:
    kernel-4.14.209-117.337.amzn1.src

x86_64:
    kernel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-devel-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-tools-4.14.209-117.337.amzn1.x86_64
    kernel-headers-4.14.209-117.337.amzn1.x86_64
    perf-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-devel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.x86_64
    perf-4.14.209-117.337.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 4.14.209-117.337

CPE2.3 External links

https://alas.aws.amazon.com/ALAS-2021-1461.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU83431

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-25668

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local authenticated user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the con_font_op. A local authenticated user can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected packages:

i686:
    kernel-debuginfo-common-i686-4.14.209-117.337.amzn1.i686
    kernel-tools-devel-4.14.209-117.337.amzn1.i686
    kernel-headers-4.14.209-117.337.amzn1.i686
    kernel-tools-4.14.209-117.337.amzn1.i686
    perf-4.14.209-117.337.amzn1.i686
    kernel-devel-4.14.209-117.337.amzn1.i686
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-debuginfo-4.14.209-117.337.amzn1.i686
    perf-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-4.14.209-117.337.amzn1.i686

src:
    kernel-4.14.209-117.337.amzn1.src

x86_64:
    kernel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-devel-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-tools-4.14.209-117.337.amzn1.x86_64
    kernel-headers-4.14.209-117.337.amzn1.x86_64
    perf-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-devel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.x86_64
    perf-4.14.209-117.337.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 4.14.209-117.337

CPE2.3 External links

https://alas.aws.amazon.com/ALAS-2021-1461.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use after free

EUVDB-ID: #VU92762

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-25669

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.

Mitigation

Update the affected packages:

i686:
    kernel-debuginfo-common-i686-4.14.209-117.337.amzn1.i686
    kernel-tools-devel-4.14.209-117.337.amzn1.i686
    kernel-headers-4.14.209-117.337.amzn1.i686
    kernel-tools-4.14.209-117.337.amzn1.i686
    perf-4.14.209-117.337.amzn1.i686
    kernel-devel-4.14.209-117.337.amzn1.i686
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-debuginfo-4.14.209-117.337.amzn1.i686
    perf-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-4.14.209-117.337.amzn1.i686

src:
    kernel-4.14.209-117.337.amzn1.src

x86_64:
    kernel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-devel-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-tools-4.14.209-117.337.amzn1.x86_64
    kernel-headers-4.14.209-117.337.amzn1.x86_64
    perf-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-devel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.x86_64
    perf-4.14.209-117.337.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 4.14.209-117.337

CPE2.3 External links

https://alas.aws.amazon.com/ALAS-2021-1461.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Memory leak

EUVDB-ID: #VU55258

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-25704

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the Linux kernel performance monitoring subsystem when using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.

Mitigation

Update the affected packages:

i686:
    kernel-debuginfo-common-i686-4.14.209-117.337.amzn1.i686
    kernel-tools-devel-4.14.209-117.337.amzn1.i686
    kernel-headers-4.14.209-117.337.amzn1.i686
    kernel-tools-4.14.209-117.337.amzn1.i686
    perf-4.14.209-117.337.amzn1.i686
    kernel-devel-4.14.209-117.337.amzn1.i686
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-debuginfo-4.14.209-117.337.amzn1.i686
    perf-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-4.14.209-117.337.amzn1.i686

src:
    kernel-4.14.209-117.337.amzn1.src

x86_64:
    kernel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-devel-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-tools-4.14.209-117.337.amzn1.x86_64
    kernel-headers-4.14.209-117.337.amzn1.x86_64
    perf-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-devel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.x86_64
    perf-4.14.209-117.337.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 4.14.209-117.337

CPE2.3 External links

https://alas.aws.amazon.com/ALAS-2021-1461.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Input validation error

EUVDB-ID: #VU94154

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-27673

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the clear_linked(), consume_one_event(), __evtchn_fifo_handle_events() and evtchn_fifo_percpu_init() functions in drivers/xen/events/events_fifo.c, within the module_param(), DEFINE_RWLOCK(), enable_dynirq(), notify_remote_via_irq(), EXPORT_SYMBOL_GPL(), xen_irq_init(), xen_free_irq(), xen_send_IPI_one(), __xen_evtchn_do_upcall(), xen_setup_callback_vector(), xen_evtchn_cpu_prepare() and xen_init_IRQ() functions in drivers/xen/events/events_base.c, within the active_evtchns() and evtchn_2l_handle_events() functions in drivers/xen/events/events_2l.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

i686:
    kernel-debuginfo-common-i686-4.14.209-117.337.amzn1.i686
    kernel-tools-devel-4.14.209-117.337.amzn1.i686
    kernel-headers-4.14.209-117.337.amzn1.i686
    kernel-tools-4.14.209-117.337.amzn1.i686
    perf-4.14.209-117.337.amzn1.i686
    kernel-devel-4.14.209-117.337.amzn1.i686
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-debuginfo-4.14.209-117.337.amzn1.i686
    perf-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-4.14.209-117.337.amzn1.i686

src:
    kernel-4.14.209-117.337.amzn1.src

x86_64:
    kernel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-devel-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-tools-4.14.209-117.337.amzn1.x86_64
    kernel-headers-4.14.209-117.337.amzn1.x86_64
    perf-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-devel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.x86_64
    perf-4.14.209-117.337.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 4.14.209-117.337

CPE2.3 External links

https://alas.aws.amazon.com/ALAS-2021-1461.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) NULL pointer dereference

EUVDB-ID: #VU83584

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-27675

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in drivers/xen/events/events_base.c. A malicious guest can trigger a dom0 crash by sending events for a paravirtualized device while simultaneously performing its reconfiguration.

Mitigation

Update the affected packages:

i686:
    kernel-debuginfo-common-i686-4.14.209-117.337.amzn1.i686
    kernel-tools-devel-4.14.209-117.337.amzn1.i686
    kernel-headers-4.14.209-117.337.amzn1.i686
    kernel-tools-4.14.209-117.337.amzn1.i686
    perf-4.14.209-117.337.amzn1.i686
    kernel-devel-4.14.209-117.337.amzn1.i686
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-debuginfo-4.14.209-117.337.amzn1.i686
    perf-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-4.14.209-117.337.amzn1.i686

src:
    kernel-4.14.209-117.337.amzn1.src

x86_64:
    kernel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-devel-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-tools-4.14.209-117.337.amzn1.x86_64
    kernel-headers-4.14.209-117.337.amzn1.x86_64
    perf-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-devel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.x86_64
    perf-4.14.209-117.337.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 4.14.209-117.337

CPE2.3 External links

https://alas.aws.amazon.com/ALAS-2021-1461.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Missing Authorization

EUVDB-ID: #VU56242

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-27777

CWE-ID: CWE-862 - Missing Authorization

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the way RTAS handles memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like user could use this flaw to further increase their privileges to that of a running kernel.

Mitigation

Update the affected packages:

i686:
    kernel-debuginfo-common-i686-4.14.209-117.337.amzn1.i686
    kernel-tools-devel-4.14.209-117.337.amzn1.i686
    kernel-headers-4.14.209-117.337.amzn1.i686
    kernel-tools-4.14.209-117.337.amzn1.i686
    perf-4.14.209-117.337.amzn1.i686
    kernel-devel-4.14.209-117.337.amzn1.i686
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-debuginfo-4.14.209-117.337.amzn1.i686
    perf-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-4.14.209-117.337.amzn1.i686

src:
    kernel-4.14.209-117.337.amzn1.src

x86_64:
    kernel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-devel-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-tools-4.14.209-117.337.amzn1.x86_64
    kernel-headers-4.14.209-117.337.amzn1.x86_64
    perf-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-devel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.x86_64
    perf-4.14.209-117.337.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 4.14.209-117.337

CPE2.3 External links

https://alas.aws.amazon.com/ALAS-2021-1461.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Release of invalid pointer or reference

EUVDB-ID: #VU92422

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-28941

CWE-ID: CWE-763 - Release of invalid pointer or reference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to release of invalid pointer or reference error within the makefile. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

i686:
    kernel-debuginfo-common-i686-4.14.209-117.337.amzn1.i686
    kernel-tools-devel-4.14.209-117.337.amzn1.i686
    kernel-headers-4.14.209-117.337.amzn1.i686
    kernel-tools-4.14.209-117.337.amzn1.i686
    perf-4.14.209-117.337.amzn1.i686
    kernel-devel-4.14.209-117.337.amzn1.i686
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-debuginfo-4.14.209-117.337.amzn1.i686
    perf-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-4.14.209-117.337.amzn1.i686

src:
    kernel-4.14.209-117.337.amzn1.src

x86_64:
    kernel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-devel-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-tools-4.14.209-117.337.amzn1.x86_64
    kernel-headers-4.14.209-117.337.amzn1.x86_64
    perf-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-devel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.x86_64
    perf-4.14.209-117.337.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 4.14.209-117.337

CPE2.3 External links

https://alas.aws.amazon.com/ALAS-2021-1461.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Out-of-bounds read

EUVDB-ID: #VU90369

Risk: Medium

CVSSv4.0: 1.8 [CVSS:4.0/AV:P/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-28974

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local privileged user to read and manipulate data.

The vulnerability exists due to an out-of-bounds read error within the con_font_default() and con_font_op() functions in drivers/tty/vt/vt.c. A local privileged user can read and manipulate data.

Mitigation

Update the affected packages:

i686:
    kernel-debuginfo-common-i686-4.14.209-117.337.amzn1.i686
    kernel-tools-devel-4.14.209-117.337.amzn1.i686
    kernel-headers-4.14.209-117.337.amzn1.i686
    kernel-tools-4.14.209-117.337.amzn1.i686
    perf-4.14.209-117.337.amzn1.i686
    kernel-devel-4.14.209-117.337.amzn1.i686
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-debuginfo-4.14.209-117.337.amzn1.i686
    perf-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-4.14.209-117.337.amzn1.i686

src:
    kernel-4.14.209-117.337.amzn1.src

x86_64:
    kernel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-devel-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-tools-4.14.209-117.337.amzn1.x86_64
    kernel-headers-4.14.209-117.337.amzn1.x86_64
    perf-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-devel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.x86_64
    perf-4.14.209-117.337.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 4.14.209-117.337

CPE2.3 External links

https://alas.aws.amazon.com/ALAS-2021-1461.html


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Improper access control

EUVDB-ID: #VU48371

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-8694

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in the Linux kernel driver. A local user can bypass implemented security restrictions and gain unauthorized access to sensitive information on the system.

Affected products:

Product Collection

Vertical Segment

CPUID

8th Generation Intel® Core™ Processor Family

Mobile

806E9

10th Generation Intel® Core™ Processor Family

Mobile

806EC

8th Generation Intel® Core™ Processor Family

Mobile

906EA

9th Generation Intel® Core™ Processor Family

Mobile

906EC

8th Generation Intel® Core™ Processor Family

Desktop

906EA

9th Generation Intel® Core™ Processor Family

Desktop

906EC

Intel® Xeon® Processor E Family

Server Workstation AMT Server

906EA

8th Generation Intel® Core™ Processor Family

Mobile

806EA

8th Generation Intel® Core™ Processor Family Intel® Pentium® Gold Processor Series Intel® Celeron® Processor G Series

Desktop

906EB

Intel® Xeon® Processor E Family

Server Workstation AMT Server

906EA

8th Generation Intel® Core™ Processor Family

Desktop

906EA

9th Generation Intel® Core™ Processor Family

Desktop

906ED

9th Generation Intel® Core™ Processor Family

Desktop

906ED

10th Generation Intel® Core™ Processor Family

Mobile

A0660

10th Generation Intel® Core™ Processor Family

Mobile

A0661

10th Generation Intel® Core™ Processor Family

Mobile

806EC

10th Generation Intel® Core™ Processor Family

Desktop

A0653

10th Generation Intel® Core™ Processor Family

Mobile

A0655

10th Generation Intel® Core™ Processor Family

Mobile

A0652

Intel® Pentium® Processor Silver Series Intel® Celeron® Processor J Series Intel® Celeron® Processor N Series

Desktop Mobile Embedded

706A1

Intel® Pentium® Processor Silver Series Intel® Celeron® Processor J Series Intel® Celeron® Processor N Series

Desktop Mobile Embedded

706A8

10th Generation Intel® Core™ Processor Family

Mobile

706E5

8th Generation Intel® Core™ Processor Family

Mobile

906E9

7th Generation Intel® Core™ Processor Family

Mobile Embedded

906E9

8th Generation Intel® Core™  Processor Family

Mobile

806EA

7th Generation Intel® Core™ Processor Family

Desktop Embedded

906E9

7th Generation Intel® Core™ Processor Family

Mobile

806E9

7th Generation Intel® Core™

Processor Family

Mobile

806E9

Intel® Core™ X-series Processors

Desktop

906E9

Intel® Xeon® Processor E3 v6 Family

Server Workstation AMT Server

906E9

7th Generation Intel® Core™ Processor Family

Mobile

806E9

6th Generation Intel® Core™ Processor Family

Mobile

506E3

6th Generation Intel® Core™ Processor Family

Desktop Embedded

506E3

6th Generation Intel® Core™ Processors

Mobile

406E3

6th Generation Intel® Core™ Processor Family

Mobile

406E3

Intel® Xeon® Processor E3 v5 Family

Server Workstation AMT Server

506E3

6th Generation Intel® Core™ Processor Family

Mobile

406E3

8th Generation Intel® Core™ Processors

Mobile

806EB

8th Generation Intel® Core™ Processors

Mobile

806EC

Mitigation

Update the affected packages:

i686:
    kernel-debuginfo-common-i686-4.14.209-117.337.amzn1.i686
    kernel-tools-devel-4.14.209-117.337.amzn1.i686
    kernel-headers-4.14.209-117.337.amzn1.i686
    kernel-tools-4.14.209-117.337.amzn1.i686
    perf-4.14.209-117.337.amzn1.i686
    kernel-devel-4.14.209-117.337.amzn1.i686
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-debuginfo-4.14.209-117.337.amzn1.i686
    perf-debuginfo-4.14.209-117.337.amzn1.i686
    kernel-4.14.209-117.337.amzn1.i686

src:
    kernel-4.14.209-117.337.amzn1.src

x86_64:
    kernel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-devel-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-common-x86_64-4.14.209-117.337.amzn1.x86_64
    kernel-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-tools-4.14.209-117.337.amzn1.x86_64
    kernel-headers-4.14.209-117.337.amzn1.x86_64
    perf-debuginfo-4.14.209-117.337.amzn1.x86_64
    kernel-devel-4.14.209-117.337.amzn1.x86_64
    kernel-tools-debuginfo-4.14.209-117.337.amzn1.x86_64
    perf-4.14.209-117.337.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 4.14.209-117.337

CPE2.3 External links

https://alas.aws.amazon.com/ALAS-2021-1461.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###