AmazonALAS2-2018-1086Important: kernel
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
8.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:P/I:P/A:C
0.01 Low
EPSS
Percentile
83.7%
Issue Overview:
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target’s code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely.(CVE-2018-14633 )
An information leak was discovered in the Linux kernel in cdrom_ioctl_drive_status() function in drivers/cdrom/cdrom.c that could be used by local attackers to read kernel memory at certain location.(CVE-2018-16658 )
A security flaw was discovered in the Linux kernel. The vmacache_flush_all() function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.(CVE-2018-17182 )
Affected Packages:
kernel
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update kernel and reboot your instance to update your system.
New Packages:
i686:
kernel-headers-4.14.72-73.55.amzn2.i686
src:
kernel-4.14.72-73.55.amzn2.src
x86_64:
kernel-4.14.72-73.55.amzn2.x86_64
kernel-headers-4.14.72-73.55.amzn2.x86_64
kernel-debuginfo-common-x86_64-4.14.72-73.55.amzn2.x86_64
perf-4.14.72-73.55.amzn2.x86_64
perf-debuginfo-4.14.72-73.55.amzn2.x86_64
python-perf-4.14.72-73.55.amzn2.x86_64
python-perf-debuginfo-4.14.72-73.55.amzn2.x86_64
kernel-tools-4.14.72-73.55.amzn2.x86_64
kernel-tools-devel-4.14.72-73.55.amzn2.x86_64
kernel-tools-debuginfo-4.14.72-73.55.amzn2.x86_64
kernel-devel-4.14.72-73.55.amzn2.x86_64
kernel-debuginfo-4.14.72-73.55.amzn2.x86_64
Additional References
Red Hat: CVE-2018-14633, CVE-2018-16658, CVE-2018-17182
Mitre: CVE-2018-14633, CVE-2018-16658, CVE-2018-17182
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
8.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:P/I:P/A:C
0.01 Low
EPSS
Percentile
83.7%