Amazon Linux 2 : jasper (ALAS-2019-1150)

The JPCNOMINALGAIN function in jpc/jpct1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service JPCCOXRFT assertion failure via unspecified vectors.CVE-2016-9396 JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2encode which failed to check to...

Amazon Linux 2 : libmspack (ALAS-2019-1152)

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER macro for CHM decompression.CVE-2018-14682 An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.CVE-2018-14680 An issue was...

Amazon Linux 2 : httpd (ALAS-2019-1155)

In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2...

Medium: httpd

Issue Overview: In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2...

Amazon Linux AMI : php56 / php70,php71,php72 (ALAS-2019-1147)

ext/imap/phpimap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty string in the message argument to the imapmail function.CVE-2018-19935 University of Washington IMAP Toolkit 2007f on UNIX, as used i...

Amazon Linux AMI : kernel (ALAS-2019-1145)

The USB subsystem mishandles size checks during the reading of an extra descriptor, related to usbgetextradescriptor in drivers/usb/core/usb.c.CVE-2018-20169 A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition betwe...

Amazon Linux AMI : clamav (ALAS-2019-1146)

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.CVE-2018-14681 An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER mac...

Amazon Linux 2 : nss-pem (ALAS-2019-1139)

The nss-pem package provides the PEM file reader for Network Security Services NSS implemented as a PKCS11 module. This update contains fixes related to CURL security updates, specifically updating an object ID when reusing a certificate C Tenable Network Security, Inc. The descriptive text and...

Amazon Linux 2 : binutils (ALAS-2019-1138)

An integer wraparound has been discovered in the Binary File Descriptor BFD library distributed in GNU Binutils up to version 2.30. An attacker could cause a crash by providing an ELF file with corrupted DWARF debug information.CVE-2018-7568 The ignoresectionsym function in elf.c in the Binary Fi...

Amazon Linux 2 : glibc (ALAS-2019-1140)

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function.CVE-2018-19591 C Tenable Network Security, Inc. The descriptive text and...

Amazon Linux 2 : NetworkManager (ALAS-2019-1144)

It was discovered that systemd-network does not correctly keep track of a buffer size when constructing DHCPv6 packets. This flaw may lead to an integer underflow that can be used to produce an heap-based buffer overflow. A malicious host on the same network segment as the victim's one may...

Amazon Linux 2 : zziplib (ALAS-2019-1142)

An improper input validation was found in function zzipfetchdisktrailer of ZZIPlib, up to 0.13.68, that could lead to a crash in zzipparserootdirectory function of zzip/ip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.CVE-2018-7726 A...

Amazon Linux 2 : ruby (ALAS-2019-1143)

An issue was discovered in the OpenSSL library in Ruby. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is on...

Amazon Linux 2 : kernel (ALAS-2019-1145)

The USB subsystem mishandles size checks during the reading of an extra descriptor, related to usbgetextradescriptor in drivers/usb/core/usb.c.CVE-2018-20169 A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition betwe...

Amazon Linux 2 : systemd (ALAS-2019-1141)

Large syslogd messages sent to journald can cause stack corruption, causing journald to crash. The version of systemd on Amazon Linux 2 is not vulnerable to privilege escalation in this case. CVE-2018-16864 Large native messages to journald can cause stack corruption, leading to possible local...

Important: NetworkManager

Issue Overview: It was discovered that systemd-network does not correctly keep track of a buffer size when constructing DHCPv6 packets. This flaw may lead to an integer underflow that can be used to produce an heap-based buffer overflow. A malicious host on the same network segment as the victim'...

Medium: glibc

Issue Overview: In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function.CVE-2018-19591 Affected Packages: glibc Note: This adviso...

Medium: nss-pem

Issue Overview: The nss-pem package provides the PEM file reader for Network Security Services NSS implemented as a PKCS11 module. This update contains fixes related to CURL security updates, specifically updating an object ID when reusing a certificate Affected Packages: nss-pem Note: This...

Medium: kernel

Issue Overview: The USB subsystem mishandles size checks during the reading of an extra descriptor, related to usbgetextradescriptor in drivers/usb/core/usb.c.CVE-2018-20169 A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race...

Low: zziplib

Issue Overview: An improper input validation was found in function zzipfetchdisktrailer of ZZIPlib, up to 0.13.68, that could lead to a crash in zzipparserootdirectory function of zzip/ip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip...