Amazon Linux AMI update for kernel

Published: 2024-08-06

Risk	Low
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2023-46838 CVE-2023-6915
CWE-ID	CWE-20 CWE-476
Exploitation vector	Local
Public exploit	N/A
Vulnerable software	Amazon Linux AMI Operating systems & Components / Operating system kernel Operating systems & Components / Operating system package or component
Vendor	Amazon Web Services

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU85682

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-46838

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows an unprivileged guest to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of network packets at the backend. An unprivileged guest can send zero-length packets to the OS kernel and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    bpftool-debuginfo-6.1.75-99.163.amzn2023.aarch64
    kernel-livepatch-6.1.75-99.163-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.75-99.163.amzn2023.aarch64
    python3-perf-debuginfo-6.1.75-99.163.amzn2023.aarch64
    kernel-tools-devel-6.1.75-99.163.amzn2023.aarch64
    perf-debuginfo-6.1.75-99.163.amzn2023.aarch64
    python3-perf-6.1.75-99.163.amzn2023.aarch64
    kernel-libbpf-static-6.1.75-99.163.amzn2023.aarch64
    kernel-tools-6.1.75-99.163.amzn2023.aarch64
    bpftool-6.1.75-99.163.amzn2023.aarch64
    kernel-modules-extra-6.1.75-99.163.amzn2023.aarch64
    kernel-modules-extra-common-6.1.75-99.163.amzn2023.aarch64
    kernel-6.1.75-99.163.amzn2023.aarch64
    kernel-libbpf-6.1.75-99.163.amzn2023.aarch64
    kernel-headers-6.1.75-99.163.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.75-99.163.amzn2023.aarch64
    kernel-debuginfo-6.1.75-99.163.amzn2023.aarch64
    perf-6.1.75-99.163.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.75-99.163.amzn2023.aarch64
    kernel-devel-6.1.75-99.163.amzn2023.aarch64

src:
    kernel-6.1.75-99.163.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.75-99.163.amzn2023.x86_64
    kernel-libbpf-6.1.75-99.163.amzn2023.x86_64
    python3-perf-6.1.75-99.163.amzn2023.x86_64
    kernel-modules-extra-6.1.75-99.163.amzn2023.x86_64
    bpftool-6.1.75-99.163.amzn2023.x86_64
    kernel-modules-extra-common-6.1.75-99.163.amzn2023.x86_64
    kernel-livepatch-6.1.75-99.163-1.0-0.amzn2023.x86_64
    kernel-tools-devel-6.1.75-99.163.amzn2023.x86_64
    kernel-headers-6.1.75-99.163.amzn2023.x86_64
    kernel-libbpf-static-6.1.75-99.163.amzn2023.x86_64
    bpftool-debuginfo-6.1.75-99.163.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.75-99.163.amzn2023.x86_64
    perf-debuginfo-6.1.75-99.163.amzn2023.x86_64
    kernel-libbpf-devel-6.1.75-99.163.amzn2023.x86_64
    kernel-tools-6.1.75-99.163.amzn2023.x86_64
    perf-6.1.75-99.163.amzn2023.x86_64
    kernel-debuginfo-6.1.75-99.163.amzn2023.x86_64
    kernel-6.1.75-99.163.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.75-99.163.amzn2023.x86_64
    kernel-devel-6.1.75-99.163.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.75-99.163

CPE2.3

External links

https://alas.aws.amazon.com/AL2023/ALAS-2024-510.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) NULL pointer dereference

EUVDB-ID: #VU85423