Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.AL2023_ALAS2023-2023-461.NASLHistoryDec 15, 2023 - 12:00 a.m.
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-461)
2023-12-1500:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
amazon linux 2023
kernel
netfilter
privilege escalation
use-after-free
ipv4
igmp
rcu
race condition
denial of service
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.6%
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-461 advisory.
2024-06-19: CVE-2023-52860 was added to this advisory.
2024-06-19: CVE-2023-52796 was added to this advisory.
2024-06-19: CVE-2023-52803 was added to this advisory.
2024-06-19: CVE-2023-52784 was added to this advisory.
2024-06-19: CVE-2023-52778 was added to this advisory.
2024-02-01: CVE-2024-0584 was added to this advisory.
2024-02-01: CVE-2024-0607 was added to this advisory.
2024-01-03: CVE-2023-6932 was added to this advisory.
In the Linux kernel, the following vulnerability has been resolved:
mptcp: deal with large GSO size (CVE-2023-52778)
In the Linux kernel, the following vulnerability has been resolved:
bonding: stop the device in bond_setup_by_slave() (CVE-2023-52784)
In the Linux kernel, the following vulnerability has been resolved:
ipvlan: add ipvlan_route_v6_outbound() helper (CVE-2023-52796)
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (CVE-2023-52803)
In the Linux kernel, the following vulnerability has been resolved:
drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process (CVE-2023-52860)
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a catchall set element many times.
We recommend upgrading past commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630. (CVE-2023-6111)
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.
A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.
We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1. (CVE-2023-6932)
A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak. (CVE-2024-0584)
netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() (CVE-2024-0607)
Tenable has extracted the preceding description block directly from the tested product security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-461.
##
include('compat.inc');
if (description)
{
script_id(186974);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/24");
script_cve_id(
"CVE-2023-52778",
"CVE-2023-52784",
"CVE-2023-52796",
"CVE-2023-52803",
"CVE-2023-52860",
"CVE-2023-6111",
"CVE-2023-6932",
"CVE-2024-0584",
"CVE-2024-0607"
);
script_name(english:"Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-461)");
script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux 2023 host is missing a security update.");
script_set_attribute(attribute:"description", value:
"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-461 advisory.
2024-06-19: CVE-2023-52860 was added to this advisory.
2024-06-19: CVE-2023-52796 was added to this advisory.
2024-06-19: CVE-2023-52803 was added to this advisory.
2024-06-19: CVE-2023-52784 was added to this advisory.
2024-06-19: CVE-2023-52778 was added to this advisory.
2024-02-01: CVE-2024-0584 was added to this advisory.
2024-02-01: CVE-2024-0607 was added to this advisory.
2024-01-03: CVE-2023-6932 was added to this advisory.
In the Linux kernel, the following vulnerability has been resolved:
mptcp: deal with large GSO size (CVE-2023-52778)
In the Linux kernel, the following vulnerability has been resolved:
bonding: stop the device in bond_setup_by_slave() (CVE-2023-52784)
In the Linux kernel, the following vulnerability has been resolved:
ipvlan: add ipvlan_route_v6_outbound() helper (CVE-2023-52796)
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (CVE-2023-52803)
In the Linux kernel, the following vulnerability has been resolved:
drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process
(CVE-2023-52860)
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to
achieve local privilege escalation.
The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the
argument sync is true, making it possible to free a catchall set element many times.
We recommend upgrading past commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630. (CVE-2023-6111)
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve
local privilege escalation.
A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object
which is freed by another thread.
We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1. (CVE-2023-6932)
A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in
the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an
igmp query packet, leading to a kernel information leak. (CVE-2024-0584)
netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() (CVE-2024-0607)
Tenable has extracted the preceding description block directly from the tested product security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/AL2023/ALAS-2023-461.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/faqs.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2023-52778.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2023-52784.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2023-52796.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2023-52803.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2023-52860.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2023-6111.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2023-6932.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2024-0584.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2024-0607.html");
script_set_attribute(attribute:"solution", value:
"Run 'dnf update kernel --releasever 2023.3.20231211' to update your system.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-6111");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/11/14");
script_set_attribute(attribute:"patch_publication_date", value:"2023/12/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/12/15");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:bpftool");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:bpftool-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-libbpf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-libbpf-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-libbpf-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-livepatch-6.1.66-91.160");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2023");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Amazon Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "kpatch.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("rpm.inc");
include("hotfixes.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var alas_release = get_kb_item("Host/AmazonLinux/release");
if (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, "Amazon Linux");
var os_ver = pregmatch(pattern: "^AL(A|\d+|-\d+)", string:alas_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "-2023")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux 2023", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
if (get_one_kb_item("Host/kpatch/kernel-cves"))
{
set_hotfix_type("kpatch");
var cve_list = make_list("CVE-2023-6111", "CVE-2023-6932", "CVE-2023-52778", "CVE-2023-52784", "CVE-2023-52796", "CVE-2023-52803", "CVE-2023-52860", "CVE-2024-0584", "CVE-2024-0607");
if (hotfix_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, "kpatch hotfix for ALAS2023-2023-461");
}
else
{
__rpm_report = hotfix_reporting_text();
}
}
var pkgs = [
{'reference':'bpftool-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-debuginfo-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-debuginfo-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-common-aarch64-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-common-x86_64-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-headers-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-headers-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-libbpf-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-libbpf-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-libbpf-devel-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-libbpf-devel-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-libbpf-static-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-libbpf-static-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-livepatch-6.1.66-91.160-1.0-0.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-livepatch-6.1.66-91.160-1.0-0.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-extra-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-extra-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-debuginfo-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-debuginfo-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-devel-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-devel-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-debuginfo-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-debuginfo-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-debuginfo-6.1.66-91.160.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-debuginfo-6.1.66-91.160.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bpftool / bpftool-debuginfo / kernel / etc");
}| Vendor | Product | Version | CPE |
|---|---|---|---|
| amazon | linux | kernel | p-cpe:/a:amazon:linux:kernel |
| amazon | linux | kernel-debuginfo | p-cpe:/a:amazon:linux:kernel-debuginfo |
| amazon | linux | kernel-debuginfo-common-x86_64 | p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64 |
| amazon | linux | kernel-devel | p-cpe:/a:amazon:linux:kernel-devel |
| amazon | linux | kernel-headers | p-cpe:/a:amazon:linux:kernel-headers |
| amazon | linux | kernel-tools | p-cpe:/a:amazon:linux:kernel-tools |
| amazon | linux | kernel-tools-debuginfo | p-cpe:/a:amazon:linux:kernel-tools-debuginfo |
| amazon | linux | kernel-tools-devel | p-cpe:/a:amazon:linux:kernel-tools-devel |
| amazon | linux | perf | p-cpe:/a:amazon:linux:perf |
| amazon | linux | perf-debuginfo | p-cpe:/a:amazon:linux:perf-debuginfo |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52778
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52784
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52803
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52860
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6111
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6932
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0584
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0607
alas.aws.amazon.com/AL2023/ALAS-2023-461.html
alas.aws.amazon.com/cve/html/CVE-2023-52778.html
alas.aws.amazon.com/cve/html/CVE-2023-52784.html
alas.aws.amazon.com/cve/html/CVE-2023-52796.html
alas.aws.amazon.com/cve/html/CVE-2023-52803.html
alas.aws.amazon.com/cve/html/CVE-2023-52860.html
alas.aws.amazon.com/cve/html/CVE-2023-6111.html
alas.aws.amazon.com/cve/html/CVE-2023-6932.html
alas.aws.amazon.com/cve/html/CVE-2024-0584.html
alas.aws.amazon.com/cve/html/CVE-2024-0607.html
alas.aws.amazon.com/faqs.html
Related
cve
cve
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-033)
2024-01-09 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-045)
2024-01-09 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-057)
2024-01-09 00:00:00
ubuntucve
ubuntucve
nvd
nvd
prion
prion
Design/Logic Flaw
2024-01-16 14:15:00
Design/Logic Flaw
2024-01-18 16:15:00
Design/Logic Flaw
2023-11-14 14:15:00
debiancve
debiancve
cvelist
cvelist
CVE-2023-52803 SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
2024-05-21 15:31:15
CVE-2023-52796 ipvlan: add ipvlan_route_v6_outbound() helper
2024-05-21 15:31:10
CVE-2023-52778 mptcp: deal with large GSO size
2024-05-21 15:30:58
redhatcve
redhatcve
vulnrichment
vulnrichment
CVE-2023-52803 SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
2024-05-21 15:31:15
CVE-2023-52860 drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process
2024-05-21 15:31:53
CVE-2023-52796 ipvlan: add ipvlan_route_v6_outbound() helper
2024-05-21 15:31:10
cbl_mariner
cbl_mariner
CVE-2024-0584 affecting package kernel for versions less than 5.15.153.1-1
2024-04-09 20:48:36
CVE-2024-0607 affecting package kernel for versions less than 5.15.148.1-1
2024-02-25 03:00:06
CVE-2024-0607 affecting package kernel for versions less than 6.6.29.1-4
2024-06-21 09:32:44
fedora
fedora
[SECURITY] Fedora 38 Update: kernel-headers-6.6.3-100.fc38
2023-12-04 01:51:28
[SECURITY] Fedora 39 Update: kernel-headers-6.6.3-200.fc39
2023-12-04 01:37:59
[SECURITY] Fedora 38 Update: kernel-tools-6.6.3-100.fc38
2023-12-04 01:51:28
openvas
openvas
Ubuntu: Security Advisory (USN-6601-1)
2024-01-26 00:00:00
Fedora: Security Advisory for kernel-tools (FEDORA-2023-a7b89262c6)
2023-12-05 00:00:00
Fedora: Security Advisory for kernel-tools (FEDORA-2023-15deb2e32a)
2023-12-05 00:00:00
ubuntu
ubuntu
Linux kernel vulnerability
2024-01-25 00:00:00
Linux kernel (OEM) vulnerability
2024-01-10 00:00:00
Linux kernel (AWS) vulnerabilities
2024-01-25 00:00:00
osv
osv
linux-oem-6.1 vulnerability
2024-01-10 18:19:33
linux vulnerability
2024-01-25 19:32:56
linux-aws vulnerabilities
2024-01-25 20:24:48
amazon
amazon
Important: kernel
2024-01-03 21:04:00
Important: kernel
2024-01-03 22:37:00
photon
photon
Important Photon OS Security Update - PHSA-2024-3.0-0725
2024-02-13 00:00:00
Critical Photon OS Security Update - PHSA-2024-4.0-0556
2024-01-25 00:00:00
Critical Photon OS Security Update - PHSA-2024-5.0-0187
2024-01-09 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2024-04-08 00:00:00
Unbreakable Enterprise kernel-container security update
2024-04-08 00:00:00
Unbreakable Enterprise kernel-container security update
2024-04-08 00:00:00
ibm
ibm
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.6%
Related for AL2023_ALAS2023-2023-461.NASL