Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-349)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-349 advisory. KVM: arm64: Prevent unconditional donation of unmapped regions from the hostNOTE: https://source.android.com/docs/security/bulletin/2023-08-01NOTE:...

A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of Service threat.

...

The vulnerability of the io_cqring_event_overflow() function in the uring/msg_ring.c module of the Linux operating system allows a hacker to escalate their privileges or cause service failures.

The vulnerability of the iocqringeventoverflow function in the uring/msgring.c module of the Linux operating system’s kernel is related to improper resource locking. Exploiting this vulnerability can allow an attacker to gain elevated privileges or cause service interruptions...

UBUNTU-CVE-2023-2430

A vulnerability was found due to missing lock for IOPOLL flaw in iocqringeventoverflow in iouring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of Service threat...

SUSE CVE-2023-2430

A vulnerability was found due to missing lock for IOPOLL flaw in iocqringeventoverflow in iouring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of Service threat...