Amazon Linux 2 : curl (ALAS-2018-995)

FTP path trickery leads to NIL byte out of bounds write : It was found that libcurl did not safely parse FTP URLs when using the CURLOPTFTPFILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location,...

Amazon Linux AMI : stunnel / amazon-efs-utils (ALAS-2018-996)

This update adds the checkHost option to stunnel, which verifies the host of the peer certificate subject. Certificates are accepted if no checkHost option was specified, or the host name of the peer certificate matches any of the hosts specified with checkHost. This update adds the OCSPaia optio...

Important: slf4j

Issue Overview: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution: An XML deserialization vulnerability was discovered in slf4j's EventData which accepts anXML serialized string and can lead to arbitrary code execution. CVE-2018-8088 Affected Packages:...

Medium: curl

Issue Overview: FTP path trickery leads to NIL byte out of bounds write: It was found that libcurl did not safely parse FTP URLs when using the CURLOPTFTPFILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an...

Amazon Linux 2 : mod_wsgi (ALAS-2018-987)

Failure to handle errors when attempting to drop group privileges : modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors. CVE-2014-8583 C...

Amazon Linux 2 : linux-firmware (ALAS-2018-962) (Spectre)

Speculative execution branch target injection An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ in the way the...

Amazon Linux 2 : nautilus (ALAS-2018-960)

Insufficient validation of trust of .desktop files with execute permission An untrusted .desktop file with executable permission set could choose its displayed name and icon, and execute commands without warning when opened by the user. An attacker could use this flaw to trick a user into opening...

Amazon Linux 2 : 389-ds-base (ALAS-2018-980)

Authentication bypass due to lack of size check in slapictmemcmp function in chmalloc.c : It was found that 389-ds-base did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use this flaw to bypa...

Amazon Linux 2 : libvorbis (ALAS-2018-981)

Vorbis audio processing out of bounds write MFSA 2018-08 : An out of bounds write flaw was found in the processing of vorbis audio data. A maliciously crafted file or audio stream could cause the application to crash or, potentially, execute arbitrary code. CVE-2018-5146 C Tenable Network Securit...

Amazon Linux 2 : bind (ALAS-2018-954)

Improper fetch cleanup sequencing in the resolver can cause named to crash A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acti...

Amazon Linux 2 : kernel (ALAS-2018-971)

Out-of-bounds write via userland offsets in ebtentry struct in netfilter/ebtables.c : A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. CVE-2018-1068 C Tenable...

Amazon Linux 2 : 389-ds-base (ALAS-2018-955)

Remote DoS via search filters in slapifiltersprintf in slapd/util.c A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, th...

Amazon Linux 2 : glibc (ALAS-2018-992)

Integer overflow in malloc functions : The malloc implementation in the GNU C Library aka glibc or libc6, from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZEMAX and could return a pointer to a heap region that i...

Amazon Linux 2 : dhcp (ALAS-2018-984)

Buffer overflow in dhclient possibly allowing code execution triggered by malicious server An out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running on DHCP client...

Amazon Linux 2 : mailman (ALAS-2018-985)

Cross-site scripting XSS vulnerability in web UI A cross-site scripting XSS flaw was found in mailman. An attacker, able to trick the user into visiting a specific URL, can execute arbitrary web scripts on the user's side and force the victim to perform unintended actions. CVE-2018-5950 C Tenable...

Amazon Linux 2 : memcached (ALAS-2018-964)

It was discovered that the memcached daemon listened on UDP port 11211 by default. An attacker could use memcached for UDP amplification denial-of-service attacks. The UDP port has been disabled by default, but can still be enabled. It was discovered that the memcached connections using UDP...

Amazon Linux 2 : systemd (ALAS-2018-961)

Access to automounted volumes can lock up A race condition was found in systemd. This could result in automount requests not being serviced and processes using them could hang, causing denial of service.CVE-2018-1049 C Tenable Network Security, Inc. The descriptive text and package checks in this...

Amazon Linux 2 : kernel (ALAS-2018-939) (Meltdown) (Spectre)

An updated kernel release for Amazon Linux has been made available which prevents speculative execution of indirect branches within the kernel. This release incorporates latest stable open source Linux security improvements to address CVE-2017-5715 within the kernel and builds upon previously...

Amazon Linux 2 : qemu-kvm (ALAS-2018-942) (Spectre)

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant...

Amazon Linux 2 : microcode_ctl (ALAS-2018-953) (Spectre)

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant...