Lucene search

K
amazon
AmazonALAS-2021-1480
HistoryFeb 16, 2021 - 12:13 a.m.

Important: kernel

2021-02-1600:13:00
alas.aws.amazon.com
35

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

70.0%

Issue Overview:

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat. (CVE-2020-27825)

A flaw was found in the Linux kernel’s implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store. This flaw allows an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the backing store. The highest threat from this vulnerability is to integrity. In addition, this flaw affects the tcmu-runner package, where the affected SCSI command is called. (CVE-2020-28374)

DISPUTED fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior. (CVE-2021-3178)

A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3347)

nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71. (CVE-2021-3348)

Affected Packages:

kernel

Issue Correction:
Run yum update kernel to update your system.

New Packages:

i686:  
    kernel-4.14.219-119.340.amzn1.i686  
    kernel-tools-4.14.219-119.340.amzn1.i686  
    kernel-tools-devel-4.14.219-119.340.amzn1.i686  
    perf-4.14.219-119.340.amzn1.i686  
    perf-debuginfo-4.14.219-119.340.amzn1.i686  
    kernel-debuginfo-common-i686-4.14.219-119.340.amzn1.i686  
    kernel-headers-4.14.219-119.340.amzn1.i686  
    kernel-devel-4.14.219-119.340.amzn1.i686  
    kernel-debuginfo-4.14.219-119.340.amzn1.i686  
    kernel-tools-debuginfo-4.14.219-119.340.amzn1.i686  
  
src:  
    kernel-4.14.219-119.340.amzn1.src  
  
x86_64:  
    kernel-headers-4.14.219-119.340.amzn1.x86_64  
    kernel-4.14.219-119.340.amzn1.x86_64  
    kernel-debuginfo-common-x86_64-4.14.219-119.340.amzn1.x86_64  
    kernel-tools-devel-4.14.219-119.340.amzn1.x86_64  
    kernel-tools-4.14.219-119.340.amzn1.x86_64  
    perf-4.14.219-119.340.amzn1.x86_64  
    kernel-devel-4.14.219-119.340.amzn1.x86_64  
    kernel-tools-debuginfo-4.14.219-119.340.amzn1.x86_64  
    perf-debuginfo-4.14.219-119.340.amzn1.x86_64  
    kernel-debuginfo-4.14.219-119.340.amzn1.x86_64  

Additional References

Red Hat: CVE-2020-27825, CVE-2020-28374, CVE-2021-3178, CVE-2021-3347, CVE-2021-3348, CVE-2021-39648

Mitre: CVE-2020-27825, CVE-2020-28374, CVE-2021-3178, CVE-2021-3347, CVE-2021-3348, CVE-2021-39648

How to protect your server from attacks?

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

70.0%

Related for ALAS-2021-1480