Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amazonAmazonALAS-2015-523
HistoryMay 14, 2015 - 2:27 p.m.

Medium: kernel

2015-05-1414:27:00
alas.aws.amazon.com
17

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

70.3%

JSON

Issue Overview:

A buffer overflow flaw was found in the way the Linux kernel’s Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a system over a connection with an active AEC-GCM mode IPSec security association. (CVE-2015-3331)

It was found that the Linux kernel’s ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system. (CVE-2015-3636)

Affected Packages:

kernel

Issue Correction:
Run yum clean all followed by yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.

New Packages:

i686:  
    kernel-3.14.42-31.38.amzn1.i686  
    perf-debuginfo-3.14.42-31.38.amzn1.i686  
    kernel-tools-devel-3.14.42-31.38.amzn1.i686  
    kernel-tools-debuginfo-3.14.42-31.38.amzn1.i686  
    kernel-tools-3.14.42-31.38.amzn1.i686  
    perf-3.14.42-31.38.amzn1.i686  
    kernel-debuginfo-3.14.42-31.38.amzn1.i686  
    kernel-debuginfo-common-i686-3.14.42-31.38.amzn1.i686  
    kernel-headers-3.14.42-31.38.amzn1.i686  
    kernel-devel-3.14.42-31.38.amzn1.i686  
  
noarch:  
    kernel-doc-3.14.42-31.38.amzn1.noarch  
  
src:  
    kernel-3.14.42-31.38.amzn1.src  
  
x86_64:  
    kernel-3.14.42-31.38.amzn1.x86_64  
    kernel-debuginfo-common-x86_64-3.14.42-31.38.amzn1.x86_64  
    kernel-debuginfo-3.14.42-31.38.amzn1.x86_64  
    perf-debuginfo-3.14.42-31.38.amzn1.x86_64  
    kernel-tools-debuginfo-3.14.42-31.38.amzn1.x86_64  
    kernel-devel-3.14.42-31.38.amzn1.x86_64  
    kernel-headers-3.14.42-31.38.amzn1.x86_64  
    kernel-tools-devel-3.14.42-31.38.amzn1.x86_64  
    kernel-tools-3.14.42-31.38.amzn1.x86_64  
    perf-3.14.42-31.38.amzn1.x86_64

Additional References

Red Hat: CVE-2015-3331, CVE-2015-3636

Mitre: CVE-2015-3331, CVE-2015-3636

OSVersionArchitecturePackageVersionFilename
Amazon Linux1i686kernel< 3.14.42-31.38.amzn1kernel-3.14.42-31.38.amzn1.i686.rpm
Amazon Linux1i686perf-debuginfo< 3.14.42-31.38.amzn1perf-debuginfo-3.14.42-31.38.amzn1.i686.rpm
Amazon Linux1i686kernel-tools-devel< 3.14.42-31.38.amzn1kernel-tools-devel-3.14.42-31.38.amzn1.i686.rpm
Amazon Linux1i686kernel-tools-debuginfo< 3.14.42-31.38.amzn1kernel-tools-debuginfo-3.14.42-31.38.amzn1.i686.rpm
Amazon Linux1i686kernel-tools< 3.14.42-31.38.amzn1kernel-tools-3.14.42-31.38.amzn1.i686.rpm
Amazon Linux1i686perf< 3.14.42-31.38.amzn1perf-3.14.42-31.38.amzn1.i686.rpm
Amazon Linux1i686kernel-debuginfo< 3.14.42-31.38.amzn1kernel-debuginfo-3.14.42-31.38.amzn1.i686.rpm
Amazon Linux1i686kernel-debuginfo-common-i686< 3.14.42-31.38.amzn1kernel-debuginfo-common-i686-3.14.42-31.38.amzn1.i686.rpm
Amazon Linux1i686kernel-headers< 3.14.42-31.38.amzn1kernel-headers-3.14.42-31.38.amzn1.i686.rpm
Amazon Linux1i686kernel-devel< 3.14.42-31.38.amzn1kernel-devel-3.14.42-31.38.amzn1.i686.rpm
Rows per page:
1-10 of 211

Related

nessus 57
openvas 47
redhat 11
ubuntu 12
f5 4
debiancve 3
veracode 2
securityvulns 6
prion 3
ubuntucve 3
cve 3
centos 4
thn 4
android 2
cloudfoundry 1
fedora 1
oraclelinux 10
talosblog 1
suse 8
ibm 4
debian 4
mageia 5
osv 2
securelist 1
androidsecurity 1
nessus
nessus
Amazon Linux AMI : kernel (ALAS-2015-523)
2015-05-18 00:00:00
RHEL 6 : MRG (RHSA-2015:0989)
2015-05-13 00:00:00
CentOS 7 : kernel (CESA-2015:0987)
2015-05-13 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2015-523)
2015-09-08 00:00:00
Ubuntu: Security Advisory (USN-2632-1)
2015-06-11 00:00:00
Oracle: Security Advisory (ELSA-2015-0987)
2015-10-06 00:00:00
redhat
redhat
(RHSA-2015:0989) Important: kernel-rt security, bug fix, and enhancement update
2015-05-12 00:00:00
(RHSA-2015:0987) Important: kernel security and bug fix update
2015-05-12 00:00:00
(RHSA-2015:0981) Important: kernel-rt security, bug fix, and enhancement update
2015-05-12 20:50:51
ubuntu
ubuntu
Linux kernel (OMAP4) vulnerabilities
2015-06-10 00:00:00
Linux kernel vulnerabilities
2015-06-10 00:00:00
Linux kernel (Utopic HWE) vulnerabilities
2015-06-10 00:00:00
f5
f5
K16819 : Linux kernel vulnerability CVE-2015-3331
2015-06-30 00:00:00
SOL16819 - Linux kernel vulnerability CVE-2015-3331
2015-06-29 00:00:00
SOL17246 - Linux kernel vulnerability CVE-2015-3636
2015-09-08 00:00:00
debiancve
debiancve
CVE-2015-3331
2015-05-27 10:59:00
CVE-2015-3636
2015-08-06 01:59:00
CVE-2016-0821
2016-03-12 21:59:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:05:52
Privilege Escalation
2019-05-02 05:41:45
securityvulns
securityvulns
[USN-2631-1] Linux kernel vulnerabilities
2015-06-13 00:00:00
[USN-2634-1] Linux kernel vulnerabilities
2015-06-13 00:00:00
[SECURITY] [DSA 3290-1] linux security update
2015-06-21 00:00:00
prion
prion
Buffer overflow
2015-05-27 10:59:00
Code injection
2015-08-06 01:59:00
Design/Logic Flaw
2016-03-12 21:59:00
ubuntucve
ubuntucve
CVE-2015-3331
2015-04-21 00:00:00
CVE-2015-3636
2015-05-02 00:00:00
CVE-2016-0821
2016-03-12 00:00:00
cve
cve
CVE-2015-3331
2015-05-27 10:59:00
CVE-2015-3636
2015-08-06 01:59:00
CVE-2016-0821
2016-03-12 21:59:00
centos
centos
kernel, perf, python security update
2015-05-13 16:57:56
kernel, perf, python security update
2015-08-06 04:42:16
kernel, perf, python security update
2015-06-10 09:06:44
thn
thn
New Android Malware Secretly Records Phone Calls and Steals Private Data
2018-04-03 14:21:00
CopyCat Android Rooting Malware Infected 14 Million Devices
2017-07-06 05:17:00
This New Android Malware Can Gain Root Access to Your Smartphones
2021-10-29 13:48:00
android
android
PingPongRoot
2015-05-08 00:00:00
CVE-2015-3636
2015-09-01 00:00:00
cloudfoundry
cloudfoundry
CVE-2015-3636 - ipv4 use-after-free | Cloud Foundry
2015-06-12 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: kernel-4.0.2-300.fc22
2015-05-11 19:03:23
oraclelinux
oraclelinux
kernel security and bug fix update
2015-05-12 00:00:00
Unbreakable Enterprise kernel security update
2015-07-16 00:00:00
Unbreakable Enterprise kernel security update
2015-07-15 00:00:00
talosblog
talosblog
Fake AV Investigation Unearths KevDroid, New Android Malware
2018-04-02 08:48:00
suse
suse
Live patch for the Linux Kernel (important)
2015-09-04 12:16:25
Live patch for the Linux Kernel (important)
2015-09-04 12:09:23
Live patch for the Linux Kernel (important)
2015-09-04 12:11:01
ibm
ibm
Security Bulletin: IBM Security Directory Suite is affected by multiple vulnerabilities (CVE-2016-10142, CVE-2015-3331, CVE-2014-2523)
2019-03-28 17:55:02
Security Bulletin: IBM Security Access Manager Appliance is affected by multiple kernel vulnerabilities
2018-08-24 04:07:21
Security Bulletin: IBM Security Identity Manager Virtual Appliance is affected by multiple vulnerabilities (CVE-2017-6464, CVE-2017-6463, CVE-2017-6462, CVE-2015-3331, CVE-2014-2523)
2019-03-26 21:35:01
debian
debian
[SECURITY] [DSA 3290-1] linux security update
2015-06-18 06:58:51
[SECURITY] [DSA 3290-1] linux security update
2015-06-18 06:58:51
[SECURITY] [DSA 3237-1] linux security update
2015-04-26 12:37:13
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2015-05-13 20:18:54
Updated kernel packages fix security vulnerabilities
2015-05-11 23:10:38
Updated kernel-tmb packages fix security vulnerabilities
2015-05-13 18:54:07
osv
osv
linux - security update
2015-06-18 00:00:00
linux - security update
2015-04-26 00:00:00
securelist
securelist
Skygofree: Following in the footsteps of HackingTeam
2018-01-16 10:00:58
androidsecurity
androidsecurity
Nexus Security Bulletin - September 2015
2015-09-09 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

70.3%

JSON
Related for ALAS-2015-523
nessus57openvas47redhat11ubuntu12f54debiancve3veracode2securityvulns6prion3ubuntucve3cve3centos4thn4android2cloudfoundry1fedora1oraclelinux10talosblog1suse8ibm4debian4mageia5osv2securelist1androidsecurity1