Amazon Linux AMI : ruby24 / ruby22,ruby23 (ALAS-2018-978)

Unsafe object deserialization through YAML formatted gem specifications : A vulnerability was found where the rubygems module was vulnerable to an unsafe YAML deserialization when inspecting a gem. Applications inspecting gem files without installing them can be tricked to execute arbitrary code ...

Critical: libvorbis

Issue Overview: Vorbis audio processing out of bounds write MFSA 2018-08: An out of bounds write flaw was found in the processing of vorbis audio data. A maliciously crafted file or audio stream could cause the application to crash or, potentially, execute arbitrary code. CVE-2018-5146 Affected...

Important: 389-ds-base

Issue Overview: Authentication bypass due to lack of size check in slapictmemcmp function in chmalloc.c: It was found that 389-ds-base did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use th...

Amazon Linux AMI : kernel (ALAS-2018-971)

Out-of-bounds write via userland offsets in ebtentry struct in netfilter/ebtables.c : A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. CVE-2018-1068 C Tenable...

Important: kernel

Issue Overview: Out-of-bounds write via userland offsets in ebtentry struct in netfilter/ebtables.c: A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. CVE-2018-10...

Amazon Linux AMI : mysql55 / mysql56,mysql57 (ALAS-2018-969)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols...

Amazon Linux AMI : mod_auth_mellon / mod24_auth_mellon (ALAS-2018-968)

Cross-site session transfer vulnerability : It was found that modauthmellon was vulnerable to a cross-site session transfer attack. An attacker with access to one website on a server could use the same session to get access to a different site running on the same server. CVE-2017-6807 C Tenable...

Amazon Linux AMI : tomcat-native (ALAS-2018-965)

Mishandling of client certificates can allow for OCSP check bypass : When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 did not correctly handle fields longer than 127 bytes. The result of the parsing error was to skip...

Amazon Linux AMI : libvpx (ALAS-2018-967)

Denial of service DoS in vpx/src/vpximage.c file A vulnerability in the Android media framework libvpx related to odd frame width CVE-2017-13194 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory...

Amazon Linux AMI : exim (ALAS-2018-970)

Buffer overflow in b64decode function, possibly leading to remote code execution : An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. CVE-2018-6789 C...

Amazon Linux AMI : clamav (ALAS-2018-958)

Heap-based buffer overflow in mspack/lzxd.c : mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted CHM file.CVE-2017-6419 The...

Amazon Linux AMI : curl (ALAS-2018-951)

Out-of-bounds read in code handling HTTP/2 trailers : libcurl contains an out bounds read in code handling HTTP/2 trailers. It was reported https://github.com/curl/curl/pull/2231 that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. Th...

Amazon Linux AMI : tomcat8 (ALAS-2018-959)

Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not correc...

Amazon Linux AMI : kernel (ALAS-2018-956) (Dirty COW) (Spectre)

Kernel address information leak in drivers/acpi/sbshc.c:acpismbushcadd function potentially allowing KASLR bypass The acpismbushcadd function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS ...

Amazon Linux AMI : 389-ds-base (ALAS-2018-955)

Remote DoS via search filters in slapifiltersprintf in slapd/util.c A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, th...

Amazon Linux AMI : quagga (ALAS-2018-957)

Infinite loop issue triggered by invalid OPEN message allows denial-of-service An infinite loop vulnerability was discovered in Quagga. A BGP peer could send specially crafted packets that would cause the daemon to enter an infinite loop, denying service and consuming CPU until it is...

Amazon Linux AMI : bind (ALAS-2018-954)

Improper fetch cleanup sequencing in the resolver can cause named to crash : A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named,...

Medium: dhcp

Issue Overview: Omapi code doesn't free socket descriptors when empty message is received allowing denial-of-service It was found that the DHCP daemon did not properly clean up closed OMAPI connections in certain cases. A remote attacker able to connect to the OMAPI port could use this flaw to...

Important: 389-ds-base

Issue Overview: Remote DoS via search filters in slapifiltersprintf in slapd/util.c A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted...

Important: linux-firmware

Issue Overview: Speculative execution branch target injection An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ ...