Amazon Linux AMI update for kernel



Published: 2024-08-06
Risk Low
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2024-26923
CVE-2024-26925
CVE-2024-26928
CWE-ID CWE-667
CWE-416
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		Amazon Linux AMI
Operating systems & Components / Operating system

kernel
Operating systems & Components / Operating system package or component

Vendor Amazon Web Services

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Improper locking

EUVDB-ID: #VU92035

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26923

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper locking within the unix_gc() function in net/unix/garbage.c due to garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. A local user can execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-devel-6.1.87-99.174.amzn2023.aarch64
    bpftool-debuginfo-6.1.87-99.174.amzn2023.aarch64
    bpftool-6.1.87-99.174.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.87-99.174.amzn2023.aarch64
    python3-perf-debuginfo-6.1.87-99.174.amzn2023.aarch64
    python3-perf-6.1.87-99.174.amzn2023.aarch64
    kernel-livepatch-6.1.87-99.174-1.0-0.amzn2023.aarch64
    kernel-modules-extra-common-6.1.87-99.174.amzn2023.aarch64
    perf-debuginfo-6.1.87-99.174.amzn2023.aarch64
    kernel-modules-extra-6.1.87-99.174.amzn2023.aarch64
    kernel-libbpf-static-6.1.87-99.174.amzn2023.aarch64
    kernel-tools-devel-6.1.87-99.174.amzn2023.aarch64
    kernel-libbpf-6.1.87-99.174.amzn2023.aarch64
    kernel-tools-6.1.87-99.174.amzn2023.aarch64
    perf-6.1.87-99.174.amzn2023.aarch64
    kernel-headers-6.1.87-99.174.amzn2023.aarch64
    kernel-6.1.87-99.174.amzn2023.aarch64
    kernel-debuginfo-6.1.87-99.174.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.87-99.174.amzn2023.aarch64
    kernel-devel-6.1.87-99.174.amzn2023.aarch64

src:
    kernel-6.1.87-99.174.amzn2023.src

x86_64:
    bpftool-6.1.87-99.174.amzn2023.x86_64
    kernel-libbpf-6.1.87-99.174.amzn2023.x86_64
    kernel-libbpf-static-6.1.87-99.174.amzn2023.x86_64
    kernel-modules-extra-common-6.1.87-99.174.amzn2023.x86_64
    kernel-modules-extra-6.1.87-99.174.amzn2023.x86_64
    python3-perf-6.1.87-99.174.amzn2023.x86_64
    kernel-livepatch-6.1.87-99.174-1.0-0.amzn2023.x86_64
    bpftool-debuginfo-6.1.87-99.174.amzn2023.x86_64
    python3-perf-debuginfo-6.1.87-99.174.amzn2023.x86_64
    kernel-libbpf-devel-6.1.87-99.174.amzn2023.x86_64
    perf-debuginfo-6.1.87-99.174.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.87-99.174.amzn2023.x86_64
    kernel-tools-devel-6.1.87-99.174.amzn2023.x86_64
    kernel-tools-6.1.87-99.174.amzn2023.x86_64
    kernel-headers-6.1.87-99.174.amzn2023.x86_64
    perf-6.1.87-99.174.amzn2023.x86_64
    kernel-6.1.87-99.174.amzn2023.x86_64
    kernel-debuginfo-6.1.87-99.174.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.87-99.174.amzn2023.x86_64
    kernel-devel-6.1.87-99.174.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.87-99.174

External links

http://alas.aws.amazon.com/AL2023/ALAS-2024-613.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper locking

EUVDB-ID: #VU92034

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26925

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __nf_tables_abort() and nf_tables_abort() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-devel-6.1.87-99.174.amzn2023.aarch64
    bpftool-debuginfo-6.1.87-99.174.amzn2023.aarch64
    bpftool-6.1.87-99.174.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.87-99.174.amzn2023.aarch64
    python3-perf-debuginfo-6.1.87-99.174.amzn2023.aarch64
    python3-perf-6.1.87-99.174.amzn2023.aarch64
    kernel-livepatch-6.1.87-99.174-1.0-0.amzn2023.aarch64
    kernel-modules-extra-common-6.1.87-99.174.amzn2023.aarch64
    perf-debuginfo-6.1.87-99.174.amzn2023.aarch64
    kernel-modules-extra-6.1.87-99.174.amzn2023.aarch64
    kernel-libbpf-static-6.1.87-99.174.amzn2023.aarch64
    kernel-tools-devel-6.1.87-99.174.amzn2023.aarch64
    kernel-libbpf-6.1.87-99.174.amzn2023.aarch64
    kernel-tools-6.1.87-99.174.amzn2023.aarch64
    perf-6.1.87-99.174.amzn2023.aarch64
    kernel-headers-6.1.87-99.174.amzn2023.aarch64
    kernel-6.1.87-99.174.amzn2023.aarch64
    kernel-debuginfo-6.1.87-99.174.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.87-99.174.amzn2023.aarch64
    kernel-devel-6.1.87-99.174.amzn2023.aarch64

src:
    kernel-6.1.87-99.174.amzn2023.src

x86_64:
    bpftool-6.1.87-99.174.amzn2023.x86_64
    kernel-libbpf-6.1.87-99.174.amzn2023.x86_64
    kernel-libbpf-static-6.1.87-99.174.amzn2023.x86_64
    kernel-modules-extra-common-6.1.87-99.174.amzn2023.x86_64
    kernel-modules-extra-6.1.87-99.174.amzn2023.x86_64
    python3-perf-6.1.87-99.174.amzn2023.x86_64
    kernel-livepatch-6.1.87-99.174-1.0-0.amzn2023.x86_64
    bpftool-debuginfo-6.1.87-99.174.amzn2023.x86_64
    python3-perf-debuginfo-6.1.87-99.174.amzn2023.x86_64
    kernel-libbpf-devel-6.1.87-99.174.amzn2023.x86_64
    perf-debuginfo-6.1.87-99.174.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.87-99.174.amzn2023.x86_64
    kernel-tools-devel-6.1.87-99.174.amzn2023.x86_64
    kernel-tools-6.1.87-99.174.amzn2023.x86_64
    kernel-headers-6.1.87-99.174.amzn2023.x86_64
    perf-6.1.87-99.174.amzn2023.x86_64
    kernel-6.1.87-99.174.amzn2023.x86_64
    kernel-debuginfo-6.1.87-99.174.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.87-99.174.amzn2023.x86_64
    kernel-devel-6.1.87-99.174.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.87-99.174

External links

http://alas.aws.amazon.com/AL2023/ALAS-2024-613.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU90192

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26928

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_debug_files_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-devel-6.1.87-99.174.amzn2023.aarch64
    bpftool-debuginfo-6.1.87-99.174.amzn2023.aarch64
    bpftool-6.1.87-99.174.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.87-99.174.amzn2023.aarch64
    python3-perf-debuginfo-6.1.87-99.174.amzn2023.aarch64
    python3-perf-6.1.87-99.174.amzn2023.aarch64
    kernel-livepatch-6.1.87-99.174-1.0-0.amzn2023.aarch64
    kernel-modules-extra-common-6.1.87-99.174.amzn2023.aarch64
    perf-debuginfo-6.1.87-99.174.amzn2023.aarch64
    kernel-modules-extra-6.1.87-99.174.amzn2023.aarch64
    kernel-libbpf-static-6.1.87-99.174.amzn2023.aarch64
    kernel-tools-devel-6.1.87-99.174.amzn2023.aarch64
    kernel-libbpf-6.1.87-99.174.amzn2023.aarch64
    kernel-tools-6.1.87-99.174.amzn2023.aarch64
    perf-6.1.87-99.174.amzn2023.aarch64
    kernel-headers-6.1.87-99.174.amzn2023.aarch64
    kernel-6.1.87-99.174.amzn2023.aarch64
    kernel-debuginfo-6.1.87-99.174.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.87-99.174.amzn2023.aarch64
    kernel-devel-6.1.87-99.174.amzn2023.aarch64

src:
    kernel-6.1.87-99.174.amzn2023.src

x86_64:
    bpftool-6.1.87-99.174.amzn2023.x86_64
    kernel-libbpf-6.1.87-99.174.amzn2023.x86_64
    kernel-libbpf-static-6.1.87-99.174.amzn2023.x86_64
    kernel-modules-extra-common-6.1.87-99.174.amzn2023.x86_64
    kernel-modules-extra-6.1.87-99.174.amzn2023.x86_64
    python3-perf-6.1.87-99.174.amzn2023.x86_64
    kernel-livepatch-6.1.87-99.174-1.0-0.amzn2023.x86_64
    bpftool-debuginfo-6.1.87-99.174.amzn2023.x86_64
    python3-perf-debuginfo-6.1.87-99.174.amzn2023.x86_64
    kernel-libbpf-devel-6.1.87-99.174.amzn2023.x86_64
    perf-debuginfo-6.1.87-99.174.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.87-99.174.amzn2023.x86_64
    kernel-tools-devel-6.1.87-99.174.amzn2023.x86_64
    kernel-tools-6.1.87-99.174.amzn2023.x86_64
    kernel-headers-6.1.87-99.174.amzn2023.x86_64
    perf-6.1.87-99.174.amzn2023.x86_64
    kernel-6.1.87-99.174.amzn2023.x86_64
    kernel-debuginfo-6.1.87-99.174.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.87-99.174.amzn2023.x86_64
    kernel-devel-6.1.87-99.174.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.87-99.174

External links

http://alas.aws.amazon.com/AL2023/ALAS-2024-613.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###