Amazon Linux AMI : kernel (ALAS-2018-1048)

An issue was discovered in the XFS filesystem in fs/xfs/libxfs/xfsattrleaf.c in the Linux kernel. A NULL pointer dereference may occur for a corrupted xfs image after xfsdashrinkinode is called with a NULL bp. This can lead to a system crash and a denial of service.CVE-2018-13094 An issue was...

Amazon Linux 2 : kernel (ALAS-2018-1050)

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcpcollapseofoqueue and tcppruneofoqueue for every incoming packet which can lead to a denial of service. An attacker can induce a denial of service condition by sending specially modified packets within ongoing TCP sessions...

Critical: kernel

Issue Overview: An issue was discovered in the XFS filesystem in fs/xfs/xfsicache.c in the Linux kernel. There is a NULL pointer dereference leading to a system panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper...

Amazon Linux AMI : ant (ALAS-2018-1047)

It was discovered that Ant's unzip and untar targets permit the extraction of files outside the target directory. A crafted zip or tar file submitted to an Ant build could create or overwrite arbitrary files with the privileges of the user running Ant.CVE-2018-10886 C Tenable Network Security, In...

Amazon Linux AMI : kernel (ALAS-2018-1046)

The fs/ext4/inline.c:ext4readinlinedata function in the Linux kernel performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. The unbound copy can cause memory corruption or...

Amazon Linux 2 : libvirt (ALAS-2018-1049) (Spectre)

An incomplete fix for CVE-2018-5748 that affects QEMU monitor leading to a resource exhaustion but now also triggered via QEMU guest agent.CVE-2018-1064 qemu/qemumonitor.c in libvirt allows attackers to cause a denial of service memory consumption via a large QEMU reply.CVE-2018-5748 An...

Amazon Linux 2 : kernel (ALAS-2018-1046)

The fs/ext4/inline.c:ext4readinlinedata function in the Linux kernel performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. The unbound copy can cause memory corruption or...

Amazon Linux 2 : glibc (ALAS-2018-1048)

stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code...

Amazon Linux 2 : kernel (ALAS-2018-1044)

A NULL pointer dereference issue was found in the Linux kernel. If the close and fchownat system calls share a socket file descriptor as an argument, then the two calls can race and trigger a NULL pointer dereference leading to a system crash and a denial of service.CVE-2018-12232 C Tenable Netwo...

Amazon Linux 2 : xmlrpc (ALAS-2018-1041)

A flaw was discovered in the Apache XML-RPC ws-xmlrpc library that deserializes untrusted data when enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in a ex:serializable element.CVE-2016-5003 C...

Amazon Linux AMI : kernel (ALAS-2018-1044)

A NULL pointer dereference issue was found in the Linux kernel. If the close and fchownat system calls share a socket file descriptor as an argument, then the two calls can race and trigger a NULL pointer dereference leading to a system crash and a denial of service.CVE-2018-12232 C Tenable Netwo...

Amazon Linux AMI : gnupg / gnupg2 (ALAS-2018-1045)

A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject messages into gnupg verbose message logging which may have the potential to bypass the integrity of signature authentication mechanisms and could ha...

Amazon Linux 2 : openssh (ALAS-2018-1042)

The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.CVE-2017-15906 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fro...

Amazon Linux 2 : plexus-archiver (ALAS-2018-1043)

A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attacker could use this vulnerability to write files outside the target directory and overwrite existing files with malicious code or...

Amazon Linux 2 : 389-ds-base (ALAS-2018-1036)

It was found that 389-ds-base did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial...

Amazon Linux 2 : libvirt (ALAS-2018-1033) (Spectre)

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...

Amazon Linux 2 : curl (ALAS-2018-1029)

Curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command...

Amazon Linux 2 : procps-ng (ALAS-2018-1031)

Multiple integer overflows leading to heap corruption flaws were discovered in file2strvec. These vulnerabilities can lead to privilege escalation for a local attacker who can create entries in procfs by starting processes, which will lead to crashes or arbitrary code execution in proc utilities...

Amazon Linux 2 : qemu-kvm (ALAS-2018-1034) (Spectre)

An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator QEMU. It could occur while reading VGA memory to update graphics display. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of...

Amazon Linux AMI : kernel (ALAS-2018-1038) (Spectre)

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...