Amazon Linux AMI : kernel (ALAS-2017-845) (Stack Clash)

An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be jmp'ed over, this affects Linux Kernel versions 4.11.5 and earlier the stackguard page was introduced in 2010. CVE-2017-1000364 The offset2lib patch as use...

Amazon Linux AMI : postgresql92 (ALAS-2017-838)

Selectivity estimators bypass SELECT privilege checks It was found that some selectivity estimation functions did not check user privileges before providing information from pgstatistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tabl...

Amazon Linux AMI : postgresql93 / postgresql94,postgresql95 (ALAS-2017-839)

Selectivity estimators bypass SELECT privilege checks It was found that some selectivity estimation functions did not check user privileges before providing information from pgstatistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tabl...

Amazon Linux AMI : sudo (ALAS-2017-843)

A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. CVE-2017-1000367 C Tenable Network Security, Inc. The descriptive text a...

Amazon Linux AMI : ghostscript (ALAS-2017-837)

It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection. CVE-2017-8291 C...

Amazon Linux AMI : libtirpc (ALAS-2017-840)

Memory leak when failing to parse XDR strings or bytearrays It was found that due to the way rpcbind uses libtirpc libntirpc, a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without boun...

Amazon Linux AMI : rpcbind (ALAS-2017-841)

It was found that due to the way rpcbind uses libtirpc libntirpc, a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer...

Amazon Linux AMI : git (ALAS-2017-842)

Escape out of git-shell A flaw was found in the way git-shell handled command-line options for the restricted set of git-shell commands. A remote authenticated attacker could use this flaw to bypass git-shell restrictions, to view and manipulate files, by abusing the instance of the less command...

Amazon Linux AMI : kernel (ALAS-2017-832)

Unsafe second checksum calculation in udp.c : The Linux kernel allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSGPEEK flag. This may create a kernel panic or memory corruption...

Amazon Linux AMI : bind (ALAS-2017-833)

A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. CVE-2017-3139 C Tenable Network Security, Inc. The descriptive text and package check...

Amazon Linux AMI : samba (ALAS-2017-834) (SambaCry)

A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root. CVE-2017-7494 It was found that Samba always requested forwardable tickets when using Kerberos authentication. A...

Amazon Linux AMI : mysql56 (ALAS-2017-830)

Server: Security: Privileges unspecified vulnerability CPU Apr 2017 : Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily 'exploitable...

Amazon Linux AMI : collectd (ALAS-2017-829)

Infinite loop due to incorrect interaction of parsepacket and parsepartsignsha256 functions : Collectd contains an infinite loop due to how the parsepacket and parsepartsignsha256 functions interact. If an instance of collectd is configured with 'SecurityLevel None' and with empty 'AuthFile'...

Amazon Linux AMI : mysql55 (ALAS-2017-831)

Server: Security: Privileges unspecified vulnerability CPU Apr 2017 : Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily 'exploitable...

Amazon Linux AMI : kernel (ALAS-2017-828)

Infinite recursion in ahash.c by triggering EBUSY on a full queue : A vulnerability was found in crypto/ahash.c in the Linux kernel which allows attackers to cause a denial of service API operation calling its own callback, and infinite recursion by triggering EBUSY on a full queue.CVE-2017-7618...

Amazon Linux AMI : bind (ALAS-2017-826)

A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. CVE-2017-3137 A denial ...

Amazon Linux AMI : nss / nss-util (ALAS-2017-825)

An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an...

Amazon Linux AMI : 389-ds-base (ALAS-2017-824)

Remote crash via crafted LDAP messages : An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...

Amazon Linux AMI : util-linux (ALAS-2017-823)

Sending SIGKILL to other processes with root privileges via su : A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.CVE-2017-2616 C Tenable...

Amazon Linux AMI : tomcat6 (ALAS-2017-821)

Incorrect handling of pipelined requests when send file was used : A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lo...