Important: kernel

Issue Overview:

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat. (CVE-2020-27825)

A flaw was found in the Linux kernel’s implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store. This flaw allows an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the backing store. The highest threat from this vulnerability is to integrity. In addition, this flaw affects the tcmu-runner package, where the affected SCSI command is called. (CVE-2020-28374)

DISPUTED fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior. (CVE-2021-3178)

A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3347)

nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71. (CVE-2021-3348)

Affected Packages:

kernel

Note:

This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.

Issue Correction:
Run yum update kernel to update your system.

New Packages:

aarch64:  
    kernel-4.14.219-161.340.amzn2.aarch64  
    kernel-headers-4.14.219-161.340.amzn2.aarch64  
    kernel-debuginfo-common-aarch64-4.14.219-161.340.amzn2.aarch64  
    perf-4.14.219-161.340.amzn2.aarch64  
    perf-debuginfo-4.14.219-161.340.amzn2.aarch64  
    python-perf-4.14.219-161.340.amzn2.aarch64  
    python-perf-debuginfo-4.14.219-161.340.amzn2.aarch64  
    kernel-tools-4.14.219-161.340.amzn2.aarch64  
    kernel-tools-devel-4.14.219-161.340.amzn2.aarch64  
    kernel-tools-debuginfo-4.14.219-161.340.amzn2.aarch64  
    kernel-devel-4.14.219-161.340.amzn2.aarch64  
    kernel-debuginfo-4.14.219-161.340.amzn2.aarch64  
  
i686:  
    kernel-headers-4.14.219-161.340.amzn2.i686  
  
src:  
    kernel-4.14.219-161.340.amzn2.src  
  
x86_64:  
    kernel-4.14.219-161.340.amzn2.x86_64  
    kernel-headers-4.14.219-161.340.amzn2.x86_64  
    kernel-debuginfo-common-x86_64-4.14.219-161.340.amzn2.x86_64  
    perf-4.14.219-161.340.amzn2.x86_64  
    perf-debuginfo-4.14.219-161.340.amzn2.x86_64  
    python-perf-4.14.219-161.340.amzn2.x86_64  
    python-perf-debuginfo-4.14.219-161.340.amzn2.x86_64  
    kernel-tools-4.14.219-161.340.amzn2.x86_64  
    kernel-tools-devel-4.14.219-161.340.amzn2.x86_64  
    kernel-tools-debuginfo-4.14.219-161.340.amzn2.x86_64  
    kernel-devel-4.14.219-161.340.amzn2.x86_64  
    kernel-debuginfo-4.14.219-161.340.amzn2.x86_64  
    kernel-livepatch-4.14.219-161.340-1.0-0.amzn2.x86_64  

Additional References

Red Hat: CVE-2020-27825, CVE-2020-28374, CVE-2021-3178, CVE-2021-3347, CVE-2021-3348, CVE-2021-39648

Mitre: CVE-2020-27825, CVE-2020-28374, CVE-2021-3178, CVE-2021-3347, CVE-2021-3348, CVE-2021-39648