Risk | Low |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | CVE-2023-52620 CVE-2024-26621 CVE-2024-26782 CVE-2024-27417 |
CWE-ID | CWE-284 CWE-400 CWE-415 CWE-200 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software | Amazon Linux AMI (Operating systems & Components / Operating system), kernel (Operating systems & Components / Operating system package or component) |
Vendor | Amazon Web Services |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU89268
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52620
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c when setting timeouts from userspace. A local user can bypass implemented security restrictions and perform a denial of service attack.
Mitigation
Update the affected packages:
aarch64:
bpftool-6.1.82-99.168.amzn2023.aarch64
python3-perf-debuginfo-6.1.82-99.168.amzn2023.aarch64
kernel-libbpf-devel-6.1.82-99.168.amzn2023.aarch64
kernel-tools-debuginfo-6.1.82-99.168.amzn2023.aarch64
kernel-livepatch-6.1.82-99.168-1.0-0.amzn2023.aarch64
python3-perf-6.1.82-99.168.amzn2023.aarch64
kernel-modules-extra-common-6.1.82-99.168.amzn2023.aarch64
kernel-libbpf-static-6.1.82-99.168.amzn2023.aarch64
kernel-tools-devel-6.1.82-99.168.amzn2023.aarch64
kernel-headers-6.1.82-99.168.amzn2023.aarch64
kernel-libbpf-6.1.82-99.168.amzn2023.aarch64
kernel-modules-extra-6.1.82-99.168.amzn2023.aarch64
bpftool-debuginfo-6.1.82-99.168.amzn2023.aarch64
kernel-6.1.82-99.168.amzn2023.aarch64
perf-6.1.82-99.168.amzn2023.aarch64
perf-debuginfo-6.1.82-99.168.amzn2023.aarch64
kernel-debuginfo-6.1.82-99.168.amzn2023.aarch64
kernel-tools-6.1.82-99.168.amzn2023.aarch64
kernel-debuginfo-common-aarch64-6.1.82-99.168.amzn2023.aarch64
kernel-devel-6.1.82-99.168.amzn2023.aarch64
src:
kernel-6.1.82-99.168.amzn2023.src
x86_64:
kernel-tools-devel-6.1.82-99.168.amzn2023.x86_64
perf-6.1.82-99.168.amzn2023.x86_64
kernel-tools-6.1.82-99.168.amzn2023.x86_64
python3-perf-6.1.82-99.168.amzn2023.x86_64
bpftool-debuginfo-6.1.82-99.168.amzn2023.x86_64
kernel-libbpf-static-6.1.82-99.168.amzn2023.x86_64
bpftool-6.1.82-99.168.amzn2023.x86_64
python3-perf-debuginfo-6.1.82-99.168.amzn2023.x86_64
perf-debuginfo-6.1.82-99.168.amzn2023.x86_64
kernel-tools-debuginfo-6.1.82-99.168.amzn2023.x86_64
kernel-libbpf-6.1.82-99.168.amzn2023.x86_64
kernel-libbpf-devel-6.1.82-99.168.amzn2023.x86_64
kernel-modules-extra-6.1.82-99.168.amzn2023.x86_64
kernel-livepatch-6.1.82-99.168-1.0-0.amzn2023.x86_64
kernel-modules-extra-common-6.1.82-99.168.amzn2023.x86_64
kernel-headers-6.1.82-99.168.amzn2023.x86_64
kernel-debuginfo-6.1.82-99.168.amzn2023.x86_64
kernel-6.1.82-99.168.amzn2023.x86_64
kernel-debuginfo-common-x86_64-6.1.82-99.168.amzn2023.x86_64
kernel-devel-6.1.82-99.168.amzn2023.x86_64
Vulnerable software versions
Amazon Linux AMI: All versions
kernel: before 6.1.82-99.168
CPE2.3
External links
http://alas.aws.amazon.com/AL2023/ALAS-2024-603.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94108
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26621
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists because the system forces huge page alignment on 32-bit systems in mm/huge_memory.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Update the affected packages to the 6.1.82-99.168.amzn2023 builds (kernel-livepatch: 6.1.82-99.168-1.0-0.amzn2023). The aarch64, src and x86_64 package lists are identical to those given for CVE-2023-52620 above.
Vulnerable software versions
Amazon Linux AMI: All versions
kernel: before 6.1.82-99.168
CPE2.3
External links
http://alas.aws.amazon.com/AL2023/ALAS-2024-603.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90927
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26782
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the mptcp_inet6_sk() and mptcp_sk_clone() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Update the affected packages to the 6.1.82-99.168.amzn2023 builds (kernel-livepatch: 6.1.82-99.168-1.0-0.amzn2023). The aarch64, src and x86_64 package lists are identical to those given for CVE-2023-52620 above.
Vulnerable software versions
Amazon Linux AMI: All versions
kernel: before 6.1.82-99.168
CPE2.3
External links
http://alas.aws.amazon.com/AL2023/ALAS-2024-603.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91349
Risk: Low
CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27417
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the inet6_rtm_getaddr() function in net/ipv6/addrconf.c. A local user can gain access to sensitive information.
Mitigation
Update the affected packages to the 6.1.82-99.168.amzn2023 builds (kernel-livepatch: 6.1.82-99.168-1.0-0.amzn2023). The aarch64, src and x86_64 package lists are identical to those given for CVE-2023-52620 above.
Vulnerable software versions
Amazon Linux AMI: All versions
kernel: before 6.1.82-99.168
CPE2.3
External links
http://alas.aws.amazon.com/AL2023/ALAS-2024-603.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.