Amazon Linux AMI : gnupg2 (ALAS-2018-1025)

Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys : GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only wi...

Amazon Linux AMI : mysql56 (ALAS-2018-1027)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

Amazon Linux 2 : ghostscript (ALAS-2018-1022)

The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impac...

Amazon Linux AMI : kernel (ALAS-2018-1023)

A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. CVE-2018-1108 A flaw was found in the way the Linux kernel handled exceptions delivered after a stac...

Low: dhcp

Issue Overview: Command injection vulnerability in the DHCP client NetworkManager integration script A command injection flaw was found in the NetworkManager integration script included in the DHCP client packages in Amazon Linux 2. A malicious DHCP server, or an attacker on the local network abl...

Medium: nghttp2

Issue Overview: nghttp2 version = 1.10.0 and nghttp2 = 1.31.1. CVE-2018-1000168 Affected Packages: nghttp2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum updat...

Important: kernel

Issue Overview: A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. CVE-2018-1108 A flaw was found in the way the Linux kernel handled exceptions...

Critical: dhcp

Issue Overview: Command injection vulnerability in the DHCP client NetworkManager integration script: A command injection flaw was found in the NetworkManager integration script included in the DHCP client packages in Amazon Linux 2. A malicious DHCP server, or an attacker on the local network ab...

Amazon Linux 2 : java-1.7.0-openjdk (ALAS-2018-1007)

Unbounded memory allocation during deserialization in NamedNodeMapImpl JAXP, 8189993 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit:...

Amazon Linux 2 : patch (ALAS-2018-1008)

Malicious patch files cause ed to execute arbitrary commands GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITORPROGRAM invocation using ed can result in code execution. This attack appear to be exploitable via a patch file...

Amazon Linux 2 : libvncserver (ALAS-2018-1012)

Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly...

Amazon Linux AMI : glibc (ALAS-2018-1017)

Fragmentation attacks possible when EDNS0 is enabled The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP...

Amazon Linux AMI : php56 / php70,php71 (ALAS-2018-1019)

NULL pointer dereference due to mishandling of ldapgetdn return value allows denial-of-service by malicious LDAP server or man-in-the-middle attacker An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP...

Amazon Linux 2 : golang (ALAS-2018-1011)

Arbitrary code execution during go get or go get -d Go before 1.8.4 and 1.9.x before 1.9.1 allows 'go get' remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git...

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2018-1007)

Unbounded memory allocation during deserialization in NamedNodeMapImpl JAXP, 8189993 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit:...

Amazon Linux AMI : openssh (ALAS-2018-1018)

Improper write operations in readonly mode allow for zero-length file creation The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.CVE-2017-15906 C Tenable Network Security,...

Amazon Linux 2 : krb5 (ALAS-2018-1010)

Authentication bypass by improper validation of certificate EKU and SAN An authentication bypass flaw was found in the way krb5's certauth interface handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate...

Amazon Linux 2 : corosync (ALAS-2018-1014)

Integer overflow in exec/totemcrypto.c:authenticatenss23 function An integer overflow leading to an out-of-bound read was found in authenticatenss23 in Corosync. An attacker could craft a malicious packet that would lead to a denial of service.CVE-2018-1084 C Tenable Network Security, Inc. The...

Amazon Linux 2 : zsh (ALAS-2018-1013)

1553531 : Stack-based buffer overflow in exec.c:hashcmd zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd function. A local attacker could exploit this to cause a denial of service.CVE-2018-1071 Stack-based buffer overflow in genmatchesfiles at compctl...

Amazon Linux 2 : libvpx (ALAS-2018-1015)

Denial of service DoS in vpx/src/vpximage.c file A vulnerability in the Android media framework libvpx related to odd frame width.CVE-2017-13194 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux 2 Security Advisory...