Lucene search

K
amazonAmazonALAS-2022-1798
HistoryMay 31, 2022 - 11:50 p.m.

Important: kernel

2022-05-3123:50:00
alas.aws.amazon.com
13

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

43.1%

Issue Overview:

2024-02-01: CVE-2022-48619 was added to this advisory.

2023-08-31: CVE-2022-1516 was removed from this advisory.

2023-08-31: CVE-2023-4387 was added to this advisory.

2023-08-31: CVE-2023-4459 was added to this advisory.

A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)

perf: Fix sys_perf_event_open() race against self (CVE-2022-1729)

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. (CVE-2022-29581)

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. (CVE-2022-30594)

An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap. (CVE-2022-48619)

A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware’s vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem. (CVE-2023-4387)

A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup. (CVE-2023-4459)

Affected Packages:

kernel

Note:

This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.

Issue Correction:
Run yum update kernel to update your system.

New Packages:

aarch64:  
    kernel-4.14.281-212.502.amzn2.aarch64  
    kernel-headers-4.14.281-212.502.amzn2.aarch64  
    kernel-debuginfo-common-aarch64-4.14.281-212.502.amzn2.aarch64  
    perf-4.14.281-212.502.amzn2.aarch64  
    perf-debuginfo-4.14.281-212.502.amzn2.aarch64  
    python-perf-4.14.281-212.502.amzn2.aarch64  
    python-perf-debuginfo-4.14.281-212.502.amzn2.aarch64  
    kernel-tools-4.14.281-212.502.amzn2.aarch64  
    kernel-tools-devel-4.14.281-212.502.amzn2.aarch64  
    kernel-tools-debuginfo-4.14.281-212.502.amzn2.aarch64  
    kernel-devel-4.14.281-212.502.amzn2.aarch64  
    kernel-debuginfo-4.14.281-212.502.amzn2.aarch64  
  
i686:  
    kernel-headers-4.14.281-212.502.amzn2.i686  
  
src:  
    kernel-4.14.281-212.502.amzn2.src  
  
x86_64:  
    kernel-4.14.281-212.502.amzn2.x86_64  
    kernel-headers-4.14.281-212.502.amzn2.x86_64  
    kernel-debuginfo-common-x86_64-4.14.281-212.502.amzn2.x86_64  
    perf-4.14.281-212.502.amzn2.x86_64  
    perf-debuginfo-4.14.281-212.502.amzn2.x86_64  
    python-perf-4.14.281-212.502.amzn2.x86_64  
    python-perf-debuginfo-4.14.281-212.502.amzn2.x86_64  
    kernel-tools-4.14.281-212.502.amzn2.x86_64  
    kernel-tools-devel-4.14.281-212.502.amzn2.x86_64  
    kernel-tools-debuginfo-4.14.281-212.502.amzn2.x86_64  
    kernel-devel-4.14.281-212.502.amzn2.x86_64  
    kernel-debuginfo-4.14.281-212.502.amzn2.x86_64  
    kernel-livepatch-4.14.281-212.502-1.0-0.amzn2.x86_64  

Additional References

Red Hat: CVE-2022-0854, CVE-2022-1729, CVE-2022-2639, CVE-2022-29581, CVE-2022-30594, CVE-2022-48619, CVE-2023-4387, CVE-2023-4459

Mitre: CVE-2022-0854, CVE-2022-1729, CVE-2022-2639, CVE-2022-29581, CVE-2022-30594, CVE-2022-48619, CVE-2023-4387, CVE-2023-4459

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

43.1%