Amazon Linux AMI update for kernel



Risk Medium
Patch available YES
Number of vulnerabilities 19
CVE-ID CVE-2022-48628
CVE-2023-4244
CVE-2023-42754
CVE-2023-42756
CVE-2023-5197
CVE-2023-52433
CVE-2023-52482
CVE-2023-52501
CVE-2023-52562
CVE-2023-52567
CVE-2023-52569
CVE-2023-52572
CVE-2023-52573
CVE-2023-52574
CVE-2023-52576
CVE-2023-52578
CVE-2023-52580
CVE-2023-52582
CVE-2023-5345
CWE-ID CWE-362
CWE-416
CWE-476
CWE-20
CWE-121
CWE-200
CWE-617
CWE-388
CWE-399
Exploitation vector Local network
Public exploit N/A
Vulnerable software
 Amazon Linux AMI
Operating systems & Components / Operating system

kernel
Operating systems & Components / Operating system package or component

Vendor Amazon Web Services

Security Bulletin

This security bulletin contains information about 19 vulnerabilities.

1) Race condition

EUVDB-ID: #VU93383

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48628

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the __inc_stopping_blocker() function in fs/ceph/super.c, within the ceph_handle_snap() and up_write() functions in fs/ceph/snap.c, within the ceph_handle_quota() function in fs/ceph/quota.c, within the handle_lease(), mutex_unlock() and ceph_mdsc_init() functions in fs/ceph/mds_client.c, within the ceph_handle_caps() and iput() functions in fs/ceph/caps.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU82306

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4244

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the Linux kernel netfilter: nf_tables component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) NULL pointer dereference

EUVDB-ID: #VU81452

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-42754

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the ipv4_send_dest_unreach() function in net/ipv4/route.c. A local user with CAP_NET_ADMIN permissions can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Race condition

EUVDB-ID: #VU81690

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-42756

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition in the Netfilter subsystem. A local user can exploit the race  between IPSET_CMD_ADD and IPSET_CMD_SWAP and gain crash the kernel.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU82304

Risk: Low

CVSSv4.0: 4.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-5197

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within Linux kernel netfilter: nf_tables component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Input validation error

EUVDB-ID: #VU94149

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52433

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the __nft_rbtree_insert() function in net/netfilter/nft_set_rbtree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Stack-based buffer overflow

EUVDB-ID: #VU91302

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52482

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to stack overflow within the VULNBL_AMD() function in arch/x86/kernel/cpu/common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Information disclosure

EUVDB-ID: #VU93098

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52501

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Reachable assertion

EUVDB-ID: #VU90914

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52562

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the slab_kmem_cache_release() and kmem_cache_destroy() functions in mm/slab_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) NULL pointer dereference

EUVDB-ID: #VU90636

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52567

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the serial8250_handle_irq() function in drivers/tty/serial/8250/8250_port.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Improper error handling

EUVDB-ID: #VU90958

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52569

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the btrfs_balance_delayed_items() and btrfs_insert_delayed_dir_index() functions in fs/btrfs/delayed-inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free

EUVDB-ID: #VU90239

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52572

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_wake_up_task(), __release_mid(), wait_for_response(), cifs_sync_mid_result(), cifs_compound_callback(), compound_send_recv(), SendReceive() and SendReceiveBlockingLock() functions in fs/smb/client/transport.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) NULL pointer dereference

EUVDB-ID: #VU90842

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52573

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the rds_rdma_cm_event_handler_cmn() function in net/rds/rdma_transport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) NULL pointer dereference

EUVDB-ID: #VU89390

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52574

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in drivers/net/team/team.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU91065

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52576

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the add_early_ima_buffer() function in arch/x86/kernel/setup.c. A local user can escalate privileges on the system.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Race condition

EUVDB-ID: #VU89384

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52578

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a data race within the br_handle_frame_finish() function in net/bridge/br_input.c. A local user can exploit the race and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Reachable Assertion

EUVDB-ID: #VU89383

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-52580

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion in net/core/flow_dissector.c. A remote attacker on the local network can send specially crafted PTP ethernet frames to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Resource management error

EUVDB-ID: #VU92992

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52582

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the netfs_rreq_unlock_folios() function in fs/netfs/buffered_read.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU81691

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-5345

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the smb3_fs_context_parse_param() function in fs/smb/client component. A remote attacker can execute arbitrary code with elevated privileges.

Mitigation

Update the affected packages:

aarch64:
    kernel-libbpf-static-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-6.1.56-82.125.amzn2023.aarch64
    bpftool-6.1.56-82.125.amzn2023.aarch64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-modules-extra-6.1.56-82.125.amzn2023.aarch64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.aarch64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.aarch64
    kernel-tools-devel-6.1.56-82.125.amzn2023.aarch64
    perf-6.1.56-82.125.amzn2023.aarch64
    perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    python3-perf-6.1.56-82.125.amzn2023.aarch64
    kernel-libbpf-6.1.56-82.125.amzn2023.aarch64
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-headers-6.1.56-82.125.amzn2023.aarch64
    kernel-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-6.1.56-82.125.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.56-82.125.amzn2023.aarch64
    kernel-devel-6.1.56-82.125.amzn2023.aarch64

src:
    kernel-6.1.56-82.125.amzn2023.src

x86_64:
    python3-perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    python3-perf-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-6.1.56-82.125.amzn2023.x86_64
    kernel-headers-6.1.56-82.125.amzn2023.x86_64
    kernel-livepatch-6.1.56-82.125-1.0-0.amzn2023.x86_64
    kernel-libbpf-devel-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-devel-6.1.56-82.125.amzn2023.x86_64
    perf-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-libbpf-static-6.1.56-82.125.amzn2023.x86_64
    perf-6.1.56-82.125.amzn2023.x86_64
    bpftool-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.56-82.125.amzn2023.x86_64
    bpftool-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-modules-extra-6.1.56-82.125.amzn2023.x86_64
    kernel-tools-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-6.1.56-82.125.amzn2023.x86_64
    kernel-6.1.56-82.125.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.56-82.125.amzn2023.x86_64
    kernel-devel-6.1.56-82.125.amzn2023.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

kernel: before 6.1.56-82.125

CPE2.3 External links

https://alas.aws.amazon.com/AL2023/ALAS-2023-385.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###