Lucene search

K
amazonAmazonALAS2-2021-1636
HistoryMay 20, 2021 - 3:51 p.m.

Medium: kernel

2021-05-2015:51:00
alas.aws.amazon.com
20

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.2 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

31.6%

Issue Overview:

An issue was discovered in the Linux kernel related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access. (CVE-2020-29374)

A use-after-free flaw was found in the Linux kernel’s SCTP socket functionality that triggers a race condition. This flaw allows a local user to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-23133)

A vulnerability was discovered in retrieve_ptr_limit in kernel/bpf/verifier.c in the Linux kernel mechanism to mitigate speculatively out-of-bounds loads (Spectre mitigation). In this flaw a local,
special user privileged (CAP_SYS_ADMIN) BPF program running on affected systems may bypass the protection, and execute speculatively out-of-bounds loads from the kernel memory. This can be abused to extract contents of kernel memory via side-channel. (CVE-2021-29155)

A flaw was found in the Linux kernel’s eBPF verification code. By default, accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. This flaw allows a local user who can insert eBPF instructions, to use the eBPF verifier to abuse a spectre-like flaw and infer all system memory. The highest threat from this vulnerability is to confidentiality. (CVE-2021-31829)

Affected Packages:

kernel

Note:

This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.

Issue Correction:
Run yum update kernel to update your system.

New Packages:

aarch64:  
    kernel-4.14.232-176.381.amzn2.aarch64  
    kernel-headers-4.14.232-176.381.amzn2.aarch64  
    kernel-debuginfo-common-aarch64-4.14.232-176.381.amzn2.aarch64  
    perf-4.14.232-176.381.amzn2.aarch64  
    perf-debuginfo-4.14.232-176.381.amzn2.aarch64  
    python-perf-4.14.232-176.381.amzn2.aarch64  
    python-perf-debuginfo-4.14.232-176.381.amzn2.aarch64  
    kernel-tools-4.14.232-176.381.amzn2.aarch64  
    kernel-tools-devel-4.14.232-176.381.amzn2.aarch64  
    kernel-tools-debuginfo-4.14.232-176.381.amzn2.aarch64  
    kernel-devel-4.14.232-176.381.amzn2.aarch64  
    kernel-debuginfo-4.14.232-176.381.amzn2.aarch64  
  
i686:  
    kernel-headers-4.14.232-176.381.amzn2.i686  
  
src:  
    kernel-4.14.232-176.381.amzn2.src  
  
x86_64:  
    kernel-4.14.232-176.381.amzn2.x86_64  
    kernel-headers-4.14.232-176.381.amzn2.x86_64  
    kernel-debuginfo-common-x86_64-4.14.232-176.381.amzn2.x86_64  
    perf-4.14.232-176.381.amzn2.x86_64  
    perf-debuginfo-4.14.232-176.381.amzn2.x86_64  
    python-perf-4.14.232-176.381.amzn2.x86_64  
    python-perf-debuginfo-4.14.232-176.381.amzn2.x86_64  
    kernel-tools-4.14.232-176.381.amzn2.x86_64  
    kernel-tools-devel-4.14.232-176.381.amzn2.x86_64  
    kernel-tools-debuginfo-4.14.232-176.381.amzn2.x86_64  
    kernel-devel-4.14.232-176.381.amzn2.x86_64  
    kernel-debuginfo-4.14.232-176.381.amzn2.x86_64  
    kernel-livepatch-4.14.232-176.381-1.0-0.amzn2.x86_64  

Additional References

Red Hat: CVE-2020-29374, CVE-2021-23133, CVE-2021-29155, CVE-2021-31829

Mitre: CVE-2020-29374, CVE-2021-23133, CVE-2021-29155, CVE-2021-31829

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.2 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

31.6%