Amazon Linux AMI update for kernel



Published: 2024-08-06 | Updated: 2024-08-21
Risk High
Patch available YES
Number of vulnerabilities 114
CVE-ID CVE-2021-26341
CVE-2021-26401
CVE-2022-0001
CVE-2022-0002
CVE-2022-0171
CVE-2022-0185
CVE-2022-0492
CVE-2022-0494
CVE-2022-0500
CVE-2022-0742
CVE-2022-0847
CVE-2022-0854
CVE-2022-1015
CVE-2022-1016
CVE-2022-1055
CVE-2022-1158
CVE-2022-1184
CVE-2022-1199
CVE-2022-1263
CVE-2022-1353
CVE-2022-1462
CVE-2022-1679
CVE-2022-1729
CVE-2022-1789
CVE-2022-1852
CVE-2022-1966
CVE-2022-1972
CVE-2022-1973
CVE-2022-2078
CVE-2022-21123
CVE-2022-21125
CVE-2022-21166
CVE-2022-21505
CVE-2022-23222
CVE-2022-23816
CVE-2022-23825
CVE-2022-23960
CVE-2022-24958
CVE-2022-25636
CVE-2022-2585
CVE-2022-2586
CVE-2022-2588
CVE-2022-2602
CVE-2022-26365
CVE-2022-26373
CVE-2022-2663
CVE-2022-27223
CVE-2022-28693
CVE-2022-28893
CVE-2022-2905
CVE-2022-29156
CVE-2022-29581
CVE-2022-29582
CVE-2022-29900
CVE-2022-29901
CVE-2022-3028
CVE-2022-30594
CVE-2022-3061
CVE-2022-3176
CVE-2022-32250
CVE-2022-32981
CVE-2022-3303
CVE-2022-33740
CVE-2022-33741
CVE-2022-33742
CVE-2022-33743
CVE-2022-3435
CVE-2022-34494
CVE-2022-34495
CVE-2022-34918
CVE-2022-3522
CVE-2022-3523
CVE-2022-3524
CVE-2022-3534
CVE-2022-3543
CVE-2022-3566
CVE-2022-3567
CVE-2022-3606
CVE-2022-36123
CVE-2022-3623
CVE-2022-3643
CVE-2022-36879
CVE-2022-36946
CVE-2022-39188
CVE-2022-39189
CVE-2022-39190
CVE-2022-39842
CVE-2022-40307
CVE-2022-4139
CVE-2022-42328
CVE-2022-42329
CVE-2022-43750
CVE-2022-4378
CVE-2022-4379
CVE-2022-43945
CVE-2022-45869
CVE-2022-4842
CVE-2022-48619
CVE-2023-0179
CVE-2023-0394
CVE-2023-0459
CVE-2023-0461
CVE-2023-0469
CVE-2023-0590
CVE-2023-1637
CVE-2023-2019
CVE-2023-2177
CVE-2023-26544
CVE-2023-3111
CVE-2023-3357
CVE-2023-4387
CVE-2023-4459
CVE-2024-0562
CVE-2021-22543
CWE-ID CWE-668
CWE-200
CWE-459
CWE-190
CWE-264
CWE-787
CWE-401
CWE-908
CWE-416
CWE-476
CWE-125
CWE-362
CWE-119
CWE-254
CWE-843
CWE-1037
CWE-763
CWE-122
CWE-399
CWE-415
CWE-20
CWE-129
CWE-911
CWE-276
CWE-369
CWE-121
CWE-1342
Exploitation vector Network
Public exploit Vulnerability #6 is being exploited in the wild.
Public exploit code for vulnerability #7 is available.
Vulnerability #11 is being exploited in the wild.
Public exploit code for vulnerability #13 is available.
Public exploit code for vulnerability #26 is available.
Public exploit code for vulnerability #27 is available.
Public exploit code for vulnerability #29 is available.
Public exploit code for vulnerability #34 is available.
Public exploit code for vulnerability #39 is available.
Public exploit code for vulnerability #40 is available.
Vulnerability #41 is being exploited in the wild.
Vulnerability #42 is being exploited in the wild.
Public exploit code for vulnerability #43 is available.
Public exploit code for vulnerability #60 is available.
Vulnerability #70 is being exploited in the wild.
Public exploit code for vulnerability #83 is available.
Public exploit code for vulnerability #93 is available.
Public exploit code for vulnerability #99 is available.
Public exploit code for vulnerability #114 is available.
Vulnerable software
Subscribe 		Amazon Linux AMI
Operating systems & Components / Operating system

kernel
Operating systems & Components / Operating system package or component

Vendor Amazon Web Services

Security Bulletin

This security bulletin contains information about 114 vulnerabilities.

1) Exposure of Resource to Wrong Sphere

EUVDB-ID: #VU61565

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-26341

CWE-ID: CWE-668 - Exposure of resource to wrong sphere

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to some AMD CPUs may transiently execute beyond unconditional direct branches. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU61566

Risk: Low

CVSSv3.1: 4.9 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-26401

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application within LFENCE/JMP. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU61198

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0001

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to non-transparent sharing of branch predictor selectors between contexts. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

EUVDB-ID: #VU61199

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0002

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to non-transparent sharing of branch predictor within a context. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Incomplete cleanup

EUVDB-ID: #VU68515

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0171

CWE-ID: CWE-459 - Incomplete cleanup

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incomplete cleanup in KVM SEV API. A local non-root (host) user-level application can crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Integer overflow

EUVDB-ID: #VU59695

Risk: Low

CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2022-0185

CWE-ID: CWE-190 - Integer overflow

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow in the legacy_parse_param() function in fs/fs_context.c in Linux kernel. A local user can tun a specially crafted program to trigger integer overflow and execute arbitrary code with root privileges.


Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

7) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU61245

Risk: Low

CVSSv3.1: 7.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C]

CVE-ID: CVE-2022-0492

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a logic error within the cgroup_release_agent_write() function in  kernel/cgroup/cgroup-v1.c. A local user can use the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.

8) Information disclosure

EUVDB-ID: #VU64259

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0494

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in the scsi_ioctl() function in drivers/scsi/scsi_ioctl.c in the Linux kernel. A local user with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds write

EUVDB-ID: #VU65298

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0500

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in unrestricted eBPF usage by the BPF_BTF_LOAD in Linux kernel. A local user can trigger an out-of-bounds write error in BPF subsystem and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Memory leak

EUVDB-ID: #VU61392

Risk: High

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0742

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak within igmp6_event_query() and igmp6_event_report() functions in Linux kernel when handling ICMPv6 packets. A remote attacker can flood the system with ICMPv6 messages of type 130 and 131 to cause out-of-memory condition and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use of uninitialized resource

EUVDB-ID: #VU61110

Risk: Low

CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2022-0847

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to usage of an uninitialized resources. A local user can overwrite arbitrary file in the page cache, even if the file is read-only, and execute arbitrary code on the system with elevated privileges.

The vulnerability was dubbed Dirty Pipe.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

12) Memory leak

EUVDB-ID: #VU63427

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0854

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due memory leak in the Linux kernel’s DMA subsystem when processing DMA_FROM_DEVICE calls. A local user can trigger a memory leak error and read random memory from the kernel space.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds write

EUVDB-ID: #VU62027

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-1015

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the nft_validate_register_store and nft_validate_register_load in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. A local user can escalate privileges on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

14) Use-after-free

EUVDB-ID: #VU62028

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1016

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error in net/netfilter/nf_tables_core.c:nft_do_chain in Linux kernel.. A local user can trigger a use-after-free error and gain access to sensitive information.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU61765

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1055

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tc_new_tfilter in Linux kernel. A local user can run a specially crafted program to trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Out-of-bounds write

EUVDB-ID: #VU63166

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1158

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due the KVM implementation in Linux kernel does not properly perform guest page table updates in some situations. A remote user on the guest operating system can trigger memory corruption and perform a denial of service attack against the host OS.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU64438

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1184

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a use-after-free error in fs/ext4/namei.c:dx_insert_block() function in the Linux kernel’s filesystem sub-component.. A local user can trigger use-after-free and perform a denial of service attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) NULL pointer dereference

EUVDB-ID: #VU63432

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1199

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a Null pointer dereference and use after free errors in the ax25_release() function. A local user can simulate Amateur Radio and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) NULL pointer dereference

EUVDB-ID: #VU64074

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1263

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to kvm implementation in the Linux kernel does not handle releasing a virtual cpu properly. A local user can pass specially crafted data and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Information disclosure

EUVDB-ID: #VU63388

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1353

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application in the pfkey_register function in net/key/af_key.c in the Linux kernel. A local user can gain unauthorized access to kernel memory, leading to a system crash or a leak of internal kernel information.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Out-of-bounds read

EUVDB-ID: #VU66591

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1462

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the the Linux kernel’s TeleTYpe subsystem caused by a race condition when using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory file. A local user can trigger an out-of-bounds read error and crash the system or read random kernel memory.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free

EUVDB-ID: #VU64861

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1679

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ath9k_htc_wait_for_target() function in the Linux kernel’s Atheros wireless adapter driver. A local user can execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Race condition

EUVDB-ID: #VU64156

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1729

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within sys_perf_event_open() in Linux kernel. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) NULL pointer dereference

EUVDB-ID: #VU64261

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1789

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference in kvm_mmu_invpcid_gva. A local attacker can trigger vulnerability to perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) NULL pointer dereference

EUVDB-ID: #VU64262

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1852

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel’s KVM module. A local user can perform a denial of service (DoS) attack in the x86_emulate_insn in arch/x86/kvm/emulate.c.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use-after-free

EUVDB-ID: #VU64070

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-1966

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the Linux kernel's Netfilter subsystem in net/netfilter/nf_tables_api.c. A local user can trigger use-after-free error to escalate privileges on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

27) Out-of-bounds write

EUVDB-ID: #VU64073

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-1972

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing untrusted input in the Linux kernel's netfilter subsystem. A local user can trigger out-of-bounds write to escalate privileges on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

28) Use-after-free

EUVDB-ID: #VU65641

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1973

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a use-after-free error within the NTFS file system implementation in the Linux kernel. A local user can trigger a use-after-free error and crash the system or gain access to sensitive information.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Buffer overflow

EUVDB-ID: #VU65642

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-2078

CWE-ID: CWE-119 - Memory corruption

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the nft_set_desc_concat_parse() function in Linux kernel. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.


Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

30) Information disclosure

EUVDB-ID: #VU64364

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-21123

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.


Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Information disclosure

EUVDB-ID: #VU64365

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-21125

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.



Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Information disclosure

EUVDB-ID: #VU64366

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-21166

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Security features bypass

EUVDB-ID: #VU66592

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-21505

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows an attacker to bypass implemented security restrictions.

The vulnerability exists due to incorrect implementation of the IMA lockdown feature. If IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine with Secure Boot. An attacker with physical access to device can bypass Secure Boot mechanism.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Security restrictions bypass

EUVDB-ID: #VU59896

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-23222

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to availability of pointer arithmetic via certain *_OR_NULL pointer types in kernel/bpf/verifier.c in the Linux kernel. A local user can run a specially crafted program to execute arbitrary code with root privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

35) Type Confusion

EUVDB-ID: #VU65219

Risk: Low

CVSSv3.1: 2.2 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-23816

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a branch type confusion. A local user can force the branch predictor to predict the wrong branch type and gain access to sensitive information.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Type Confusion

EUVDB-ID: #VU65204

Risk: Low

CVSSv3.1: 2.2 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-23825

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a branch type confusion. A local user can force the branch predictor to predict the wrong branch type and gain access to sensitive information.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU65007

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-23960

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to obtain potentially sensitive information.

The vulnerability exists due to improper restrictions of cache speculation. A local user can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches and gain access to sensitive information.

The vulnerability was dubbed Spectre-BHB.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Release of invalid pointer or reference

EUVDB-ID: #VU63315

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-24958

CWE-ID: CWE-763 - Release of invalid pointer or reference

Exploit availability: No

Description

The vulnerability allows remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to release of illegal memory vulnerability in the drivers/usb/gadget/legacy/inode.c. A remote attacker can send specially crafted data and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Heap-based buffer overflow

EUVDB-ID: #VU61271

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-25636

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in net/netfilter/nf_dup_netdev.c in the Linux kernel, related to nf_tables_offload. A local user can trigger a heap-based buffer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

40) Resource management error

EUVDB-ID: #VU66394

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-2585

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: Yes

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack or escalate privileges on the system.

The vulnerability exists due to improper management of internal resources in POSIX CPU timers when handling death of a process. A local user can crash the kernel or execute arbitrary code.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

41) Use-after-free

EUVDB-ID: #VU66396

Risk: Low

CVSSv3.1: 7.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2022-2586

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the netfilter subsystem implementation in Linux kernel when preventing one nft object from referencing an nft set in another nft table. A local user can trigger a use-after-free error and execute arbitrary code on the system with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

42) Double Free

EUVDB-ID: #VU66397

Risk: Low

CVSSv3.1: 7.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2022-2588

CWE-ID: CWE-415 - Double Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a double free error within the network packet scheduler implementation in the route4_change() function in Linux kernel when removing all references to a route filter before freeing it. A local user can run a specially crafted program to crash the kernel or execute arbitrary code.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

43) Use-after-free

EUVDB-ID: #VU68423

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-2602

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error caused by an io_uring request, which is being processed on a registered file. The Unix GC runs and frees the io_uring file descriptor and all the registered file descriptors in a specific order that may allow a local user to win a race and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

44) Information disclosure

EUVDB-ID: #VU65345

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26365

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Security restrictions bypass

EUVDB-ID: #VU66549

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26373

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to non-transparent sharing of return predictor targets between contexts in Intel CPU processors. A local user can bypass the expected architecture isolation between contexts and gain access to sensitive information on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Input validation error

EUVDB-ID: #VU67510

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2663

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass firewall rules.

The vulnerability exists due to insufficient validation of user-supplied input in nf_conntrack_irc in Linux kernel. A remote attacker can send unencrypted IRC with nf_conntrack_irc configured and bypass configured firewall rules.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Improper Validation of Array Index

EUVDB-ID: #VU63316

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-27223

CWE-ID: CWE-129 - Improper Validation of Array Index

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code with elevated privileges.

The vulnerability exists due to improper validation of array index in drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel. A remote attacker can send specially crafted data to the system and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU65221

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-28693

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to unprotected alternative channel of return branch target prediction. A local user can gain access to sensitive information.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Use-after-free

EUVDB-ID: #VU62074

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-28893

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the SUNRPC subsystem in the Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Out-of-bounds read

EUVDB-ID: #VU67509

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2905

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the Linux kernel BPF subsystem. A local user can call the bpf_tail_call() function with a key larger than the max_entries of the map, trigger an out-of-bounds read and read parts of kernel memory.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Double Free

EUVDB-ID: #VU63319

Risk: Medium

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-29156

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel. A remote attacker can pass specially crafted data to the application, trigger double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Improper update of reference count

EUVDB-ID: #VU63496

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-29581

CWE-ID: CWE-911 - Improper Update of Reference Count

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper update of reference count in net/sched in Linux kernel. A local user can execute arbitrary code with root privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Use-after-free

EUVDB-ID: #VU63792

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-29582

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the io_uring timeouts() function in the Linux kernel. A local user can trigger a race condition between timeout flush and removal to cause a denial of service or escalate privileges on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU65205

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-29900

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a mistrained branch predictions for return instructions. A local user can execute arbitrary speculative code under certain microarchitecture-dependent conditions. The vulnerability was dubbed  RETbleed.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU65220

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-29901

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the way non-transparent sharing of branch predictor targets between contexts. A local user can exploit the vulnerability to gain access to sensitive information.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Race condition

EUVDB-ID: #VU67477

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3028

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Incorrect default permissions

EUVDB-ID: #VU63631

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-30594

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to mishandling seccomp permissions. A local user can bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag and escalate privileges on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Division by zero

EUVDB-ID: #VU68516

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3061

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to missing checks of the "pixclock" value in the Linux kernel i740 driver. A local user can pass arbitrary values to the driver through ioctl() interface, trigger a divide by zero error and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Use-after-free

EUVDB-ID: #VU68109

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3176

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in io_uring implementation in the Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Use-after-free

EUVDB-ID: #VU64668

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-32250

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free incorrect NFT_STATEFUL_EXPR in net/netfilter/nf_tables_api.c in Linux kernel. A local user with ability to create user/net namespaces can execute arbitrary code with root privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

61) Buffer overflow

EUVDB-ID: #VU65005

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-32981

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in ptrace PEEKUSER and POKEUSER when accessing floating point registers on powerpc 32-bit platforms. A local user can trigger buffer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) NULL pointer dereference

EUVDB-ID: #VU68338

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3303

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel sound subsystem due to improper locking when handling the SNDCTL_DSP_SYNC ioctl. A privileged local user can trigger a NULL pointer dereference error and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Information disclosure

EUVDB-ID: #VU65346

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-33740

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Information disclosure

EUVDB-ID: #VU65351

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-33741

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Information disclosure

EUVDB-ID: #VU65348

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-33742

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Resource management error

EUVDB-ID: #VU65841

Risk: Low

CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-33743

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a malicious network backend to perform a denial of service (DoS) attack.

The vulnerability exists due to an error in eXpress Data Path support implementation in Xen, allowing Linux netfront to use freed SKBs. A malicious network backend can cause denial of service on the guest OS.


Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Out-of-bounds read

EUVDB-ID: #VU70499

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3435

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the fib_nh_match() function in net/ipv4/fib_semantics.c IPv4 handler. A remote attacker can send specially crafted data to the system, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Double Free

EUVDB-ID: #VU65297

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34494

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the rpmsg_virtio_add_ctrl_dev() function in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel remote processor messaging (rpmsg) framework. A local user can run a specially crafted program to trigger a double free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Double Free

EUVDB-ID: #VU65643

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34495

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the rpmsg_probe() function in drivers/rpmsg/virtio_rpmsg_bus.c in Linux kernel. A local user can trigger a double free error in the virtio RPMSG bus driver and crash the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Type Confusion

EUVDB-ID: #VU65360

Risk: Low

CVSSv3.1: 7.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2022-34918

CWE-ID: CWE-843 - Type confusion

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists in the Linux kernel’s Netfilter subsystem in the way a user provides incorrect input of the NFT_DATA_VERDICT type. A local user can pass specially crafted data to the application, trigger a type confusion error and escalate privileges on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

71) Race condition

EUVDB-ID: #VU76579

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3522

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a race condition within the hugetlb_no_page() function in the mm/hugetlb.c. A local user can exploit the race and gain access to sensitive information.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Use-after-free

EUVDB-ID: #VU73772

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3523

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error when in mm/memory.c in Linux kernel. A local user can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Memory leak

EUVDB-ID: #VU69756

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3524

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak within the ipv6_renew_options() function when retrieving a new IPv6 address from a malicious DHCP server. A remote attacker can force the system to leak memory and perform denial of service attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Use-after-free

EUVDB-ID: #VU72466

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3534

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the btf_dump_name_dups() function in tools/lib/bpf/btf_dump.c. A local user can execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Memory leak

EUVDB-ID: #VU69798

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3543

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a DoS attack.

The vulnerability exists due memory leak within the unix_sock_destructor/unix_release_sock() function in net/unix/af_unix.c. A local user can force the system to leak memory and perform denial of service attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Race condition

EUVDB-ID: #VU69810

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3566

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the tcp_getsockopt() and tcp_setsockopt() functions in net/ipv4/tcp.c, do_ipv6_setsockopt() function in net/ipv6/ipv6_sockglue.c, and tcp_v6_connect() function in net/ipv6/tcp_ipv6.c in Linux kernel. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Race condition

EUVDB-ID: #VU69811

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3567

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the inet6_stream_ops() and inet6_dgram_ops() functions. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) NULL pointer dereference

EUVDB-ID: #VU73782

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3606

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the find_prog_by_sec_insn() function in tools/lib/bpf/libbpf.c of the BPF component. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU66808

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-36123

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to Linux kernel lacks a certain clear operation for the block starting symbol (.bss). A local user on the Xen PV guest OS can perform a denial of service attack or escalate privileges on the guest OS.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) Race condition

EUVDB-ID: #VU69794

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3623

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the follow_page_pte() function in mm/gup.c. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Input validation error

EUVDB-ID: #VU70468

Risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3643

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of network packets. An attacker with access to the guest OS can trigger the related physical NIC on the host to reset, abort, or crash by sending certain kinds of packets.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Resource management error

EUVDB-ID: #VU66550

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-36879

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the xfrm_expand_policies() function in net/xfrm/xfrm_policy.c. A local user can cause the refcount to be dropped twice and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) Input validation error

EUVDB-ID: #VU66476

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-36946

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the nfqnl_mangle() function in net/netfilter/nfnetlink_queue.c in the Linux kernel when processing IPv6 packets. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

84) Race condition

EUVDB-ID: #VU67478

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-39188

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within include/asm-generic/tlb.h in the Linux kernel. A local user can exploit the race and escalate privileges on the system.

Note, this only occurs in situations with VM_PFNMAP VMAs.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU68110

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-39189

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a guest user to escalate privileges on the system.

The vulnerability exists due to incorrect handling of TLB flush operations in certain KVM_VCPU_PREEMPTED situations in the x86 KVM subsystem in the Linux kernel. An attacker with unprivileged access to the guest OS can escalate privileges on the guest.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) Out-of-bounds read

EUVDB-ID: #VU67508

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-39190

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to an out-of-bounds read error within the net/netfilter/nf_tables_api.c in the Linux kernel. A local user can bind to an already bound chain and crash the kernel.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) Integer overflow

EUVDB-ID: #VU67914

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-39842

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow within the pxa3xx_gcu_write() function in drivers/video/fbdev/pxa3xx-gcu.c in Linux kernel. A local user can trigger an integer overflow and execute arbitrary code with escalated privileges.


Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Use-after-free

EUVDB-ID: #VU67915

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-40307

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the drivers/firmware/efi/capsule-loader.c in Linux kernel. A local user can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) Buffer overflow

EUVDB-ID: #VU70460

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-4139

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the i915 kernel driver on Linux kernel. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.


Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Resource management error

EUVDB-ID: #VU70469

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42328

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources. An attacker with access to the guest OS can trigger deadlock in Linux netback driver and perform a denial of service (DoS) attack of the host via the paravirtualized network interface.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) Resource management error

EUVDB-ID: #VU70470

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42329

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources. An attacker with access to the guest OS can trigger deadlock in Linux netback driver and perform a denial of service (DoS) attack of the host via the paravirtualized network interface.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) Out-of-bounds write

EUVDB-ID: #VU69296

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-43750

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

93) Stack-based buffer overflow

EUVDB-ID: #VU70442

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-4378

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the __do_proc_dointvec() function. A local user can trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

94) Use-after-free

EUVDB-ID: #VU71583

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-4379

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the __nfs42_ssc_open() function in fs/nfs/nfs4file.c. A remote attacker can perform a denial of service (DoS) attack.


Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) Buffer overflow

EUVDB-ID: #VU69766

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-43945

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attacl.

The vulnerability exists due to a boundary error within the Linux kernel NFSD implementation. A remote attacker can send the RPC message over TCP with garbage data added at the end of the message, trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

96) Race condition

EUVDB-ID: #VU70502

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-45869

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to a race condition within the x86 KVM subsystem in the Linux kernel when nested virtualisation and the TDP MMU are enabled. A remote  user on the guest OS can exploit the race and crash the host OS.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

97) NULL pointer dereference

EUVDB-ID: #VU72467

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-4842

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the attr_punch_hole() () function in Linux kernel NTFS3 driver. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

98) Input validation error

EUVDB-ID: #VU87772

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48619

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the input_set_capability() function in drivers/input/input.c. A local user can crash the OS kernel.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

99) Integer overflow

EUVDB-ID: #VU71173

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-0179

CWE-ID: CWE-190 - Integer overflow

Exploit availability: Yes

Description

The vulnerability allows a local  user to escalate privileges on the system.

The vulnerability exists due to an integer overflow within the nft_payload_copy_vlan() function in Linux kernel Netfilter. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

100) NULL pointer dereference

EUVDB-ID: #VU71352

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0394

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the rawv6_push_pending_frames() function in net/ipv6/raw.c. A local user can run a specially crafted program on the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

101) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU76222

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0459

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper implementation of speculative execution barriers in usercopy functions
in certain situations. A local user can gain access to sensitive information.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

102) Use-after-free

EUVDB-ID: #VU72506

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0461

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the Upper Level Protocol (ULP) subsystem in Linux kernel caused by improper handling of sockets entering the LISTEN state in certain protocols. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

103) Use-after-free

EUVDB-ID: #VU72744

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0469

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error during the cleanup call within the io_install_fixed_file() function in io_uring/filetable.c. A local user can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

104) Use-after-free

EUVDB-ID: #VU72098

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0590

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the qdisc_graft() function in net/sched/sch_api.c. A local user can trigger a use-after-free error and crash the kernel.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

105) Information exposure through microarchitectural state after transient execution

EUVDB-ID: #VU74771

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1637

CWE-ID: CWE-1342 - Information Exposure through Microarchitectural State after Transient Execution

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due speculative execution behavior in the Linux kernel X86 CPU Power management options functionality. A local user can gain access to sensitive information.


Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

106) Improper update of reference count

EUVDB-ID: #VU75101

Risk: Low

CVSSv3.1: 3.6 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2019

CWE-ID: CWE-911 - Improper Update of Reference Count

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper update of reference count within the scheduling of events in drivers/net/netdevsim/fib.c. A local privileged user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

107) NULL pointer dereference

EUVDB-ID: #VU81924

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2177

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the net/sctp/stream_sched.c in Linux kernel. A local user can pass specially crafted data to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

108) Use-after-free

EUVDB-ID: #VU76228

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-26544

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the run_unpack() function in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

109) Use-after-free

EUVDB-ID: #VU77911

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-3111

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the prepare_to_relocate() function in fs/btrfs/relocation.c in btrfs in the Linux Kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

110) NULL pointer dereference

EUVDB-ID: #VU78065

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-3357

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel AMD Sensor Fusion Hub driver. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

111) Double Free

EUVDB-ID: #VU80796

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4387

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a boundary error within the vmxnet3_rq_alloc_rx_buf() function in drivers/net/vmxnet3/vmxnet3_drv.c in VMware vmxnet3 ethernet NIC driver. A local user can  trigger a double free error and gain access to sensitive information or crash the kernel.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

112) NULL pointer dereference

EUVDB-ID: #VU80797

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4459

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the vmxnet3_rq_cleanup() function in drivers/net/vmxnet3/vmxnet3_drv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

113) Use-after-free

EUVDB-ID: #VU91601

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-0562

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the Linux Kernel. When a disk is removed, bdi_unregister is called to stop further write-back and waits for associated delayed work to complete. However, wb_inode_writeback_end() may schedule bandwidth estimation work after this has completed, which can result in the timer attempting to access the recently freed bdi_writeback. A local user can execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

114) Buffer overflow

EUVDB-ID: #VU56018

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2021-22543

CWE-ID: CWE-119 - Memory corruption

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in Linux kernel when handling VM_IO|VM_PFNMAP vmas in KVM. A local user can  can bypass RO checks and cause the pages to get freed while still accessible by the VMM and guest. As a result, an attacker with the ability to start and control a VM to read/write random pages of memory, can trigger memory corruption and execute arbitrary code with elevated privileges.


Mitigation

Update the affected packages:

aarch64:
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-6.1.10-15.42.amzn2023.aarch64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.aarch64
    perf-6.1.10-15.42.amzn2023.aarch64
    python3-perf-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-devel-6.1.10-15.42.amzn2023.aarch64
    bpftool-6.1.10-15.42.amzn2023.aarch64
    kernel-headers-6.1.10-15.42.amzn2023.aarch64
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.aarch64
    perf-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-6.1.10-15.42.amzn2023.aarch64
    kernel-tools-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-6.1.10-15.42.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.10-15.42.amzn2023.aarch64
    kernel-devel-6.1.10-15.42.amzn2023.aarch64

src:
    kernel-6.1.10-15.42.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64
    perf-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.10-15.42.amzn2023.x86_64
    bpftool-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-6.1.10-15.42.amzn2023.x86_64
    kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64
    kernel-libbpf-6.1.10-15.42.amzn2023.x86_64
    bpftool-debuginfo-6.1.10-15.42.amzn2023.x86_64
    python3-perf-6.1.10-15.42.amzn2023.x86_64
    kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64
    perf-6.1.10-15.42.amzn2023.x86_64
    kernel-headers-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-6.1.10-15.42.amzn2023.x86_64
    kernel-6.1.10-15.42.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.10-15.42.amzn2023.x86_64
    kernel-devel-6.1.10-15.42.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.10-15.42

External links

http://alas.aws.amazon.com/AL2023/ALAS-2023-070.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###