Medium: libnl3

2017-08-3023:38:00

alas.aws.amazon.com

0.002 Low

EPSS

Percentile

58.4%

JSON

Issue Overview:

Integer overflow in nlmsg_reserve():
An integer overflow leading to a heap-buffer overflow was found in the libnl library. An attacker could use this flaw to cause an application compiled with libnl to crash or possibly execute arbitrary code in the context of the user running such an application. (CVE-2017-0553)

Affected Packages:

libnl3

Issue Correction:
Run yum update libnl3 to update your system.

New Packages:

i686:  
    libnl3-doc-3.2.28-4.6.amzn1.i686  
    libnl3-cli-3.2.28-4.6.amzn1.i686  
    libnl3-debuginfo-3.2.28-4.6.amzn1.i686  
    libnl3-devel-3.2.28-4.6.amzn1.i686  
    libnl3-3.2.28-4.6.amzn1.i686  
  
src:  
    libnl3-3.2.28-4.6.amzn1.src  
  
x86_64:  
    libnl3-debuginfo-3.2.28-4.6.amzn1.x86_64  
    libnl3-3.2.28-4.6.amzn1.x86_64  
    libnl3-cli-3.2.28-4.6.amzn1.x86_64  
    libnl3-doc-3.2.28-4.6.amzn1.x86_64  
    libnl3-devel-3.2.28-4.6.amzn1.x86_64

Additional References

Red Hat: CVE-2017-0553

Mitre: CVE-2017-0553

OSVersionArchitecturePackageVersionFilename
Amazon Linux1i686libnl3-doc< 3.2.28-4.6.amzn1libnl3-doc-3.2.28-4.6.amzn1.i686.rpm
Amazon Linux1i686libnl3-cli< 3.2.28-4.6.amzn1libnl3-cli-3.2.28-4.6.amzn1.i686.rpm
Amazon Linux1i686libnl3-debuginfo< 3.2.28-4.6.amzn1libnl3-debuginfo-3.2.28-4.6.amzn1.i686.rpm
Amazon Linux1i686libnl3-devel< 3.2.28-4.6.amzn1libnl3-devel-3.2.28-4.6.amzn1.i686.rpm
Amazon Linux1i686libnl3< 3.2.28-4.6.amzn1libnl3-3.2.28-4.6.amzn1.i686.rpm
Amazon Linux1x86_64libnl3-debuginfo< 3.2.28-4.6.amzn1libnl3-debuginfo-3.2.28-4.6.amzn1.x86_64.rpm
Amazon Linux1x86_64libnl3< 3.2.28-4.6.amzn1libnl3-3.2.28-4.6.amzn1.x86_64.rpm
Amazon Linux1x86_64libnl3-cli< 3.2.28-4.6.amzn1libnl3-cli-3.2.28-4.6.amzn1.x86_64.rpm
Amazon Linux1x86_64libnl3-doc< 3.2.28-4.6.amzn1libnl3-doc-3.2.28-4.6.amzn1.x86_64.rpm
Amazon Linux1x86_64libnl3-devel< 3.2.28-4.6.amzn1libnl3-devel-3.2.28-4.6.amzn1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
Amazon Linux	1	i686	libnl3-doc	< 3.2.28-4.6.amzn1	libnl3-doc-3.2.28-4.6.amzn1.i686.rpm
Amazon Linux	1	i686	libnl3-cli	< 3.2.28-4.6.amzn1	libnl3-cli-3.2.28-4.6.amzn1.i686.rpm
Amazon Linux	1	i686	libnl3-debuginfo	< 3.2.28-4.6.amzn1	libnl3-debuginfo-3.2.28-4.6.amzn1.i686.rpm
Amazon Linux	1	i686	libnl3-devel	< 3.2.28-4.6.amzn1	libnl3-devel-3.2.28-4.6.amzn1.i686.rpm
Amazon Linux	1	i686	libnl3	< 3.2.28-4.6.amzn1	libnl3-3.2.28-4.6.amzn1.i686.rpm
Amazon Linux	1	x86_64	libnl3-debuginfo	< 3.2.28-4.6.amzn1	libnl3-debuginfo-3.2.28-4.6.amzn1.x86_64.rpm
Amazon Linux	1	x86_64	libnl3	< 3.2.28-4.6.amzn1	libnl3-3.2.28-4.6.amzn1.x86_64.rpm
Amazon Linux	1	x86_64	libnl3-cli	< 3.2.28-4.6.amzn1	libnl3-cli-3.2.28-4.6.amzn1.x86_64.rpm
Amazon Linux	1	x86_64	libnl3-doc	< 3.2.28-4.6.amzn1	libnl3-doc-3.2.28-4.6.amzn1.x86_64.rpm
Amazon Linux	1	x86_64	libnl3-devel	< 3.2.28-4.6.amzn1	libnl3-devel-3.2.28-4.6.amzn1.x86_64.rpm