Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name CVE-2024-39494 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between...

Important: tomcat8

Issue Overview: Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through...

Medium: ghostscript

Issue Overview: An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard. CVE-2023-52722 Affected Packages: ghostscript Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit th...

Important: unbound

Issue Overview: An issue was discovered in some DNS recursive resolvers that allows remote attackers to cause a denial of service using a maliciously designed authority and response amplification. CVE-2024-33655 Affected Packages: unbound Note: This advisory is applicable to Amazon Linux 2 AL2 Co...

Medium: jose

Issue Overview: latchset jose through version 11 allows attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value. CVE-2023-50967 Affected Packages: jose Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

Medium: flatpak

Issue Overview: Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the cas...

Medium: libXpm

Issue Overview: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer NOTE: https://www.openwall.com/lists/oss-security/2023/10/03/1 NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/2fa554b01ef6079a9b35df9332bdc4f139ed67e0 CVE-2023-43788 Affected Packages: libXpm Issue...

Important: php56

Issue Overview: In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or dis...

Medium: ImageMagick

Issue Overview: A vulnerability was found in ImageMagick. This issue occurs as an undefined behavior, casting double to sizet in svg, mvg and other coders. CVE-2023-34151 Affected Packages: ImageMagick Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section...

Medium: ImageMagick

Issue Overview: A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command. CVE-2022-48541 Affected Packages: ImageMagick Issue Correction: Run yum update ImageMagick or yum update --advisory ALAS-2023-1831 to updat...

Important: libjpeg-turbo

Issue Overview: Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service. CVE-2020-17541 libjpeg-turbo version 2.0.90 has...

Important: open-vm-tools

Issue Overview: VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor with man-in-the-middle MITM network positioning between vCenter server and the virtual machine may be able to bypass SAML token signature verification, to perform VMware Tools Guest Operations...

Medium: krb5

Issue Overview: lib/kadm5/kadmrpcxdr.c in MIT Kerberos 5 aka krb5 before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because xdrkadm5principalentrec does not validate the relationship between nkeydata and the...

Important: GraphicsMagick

Issue Overview: Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format. CVE-2020-21679 In GraphicsMagick, a heap buffer overflow was found when parsing MIFF...

Medium: libtiff

Issue Overview: A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage at tiffcrop.c:8621 that can cause program crash when reading a crafted input. CVE-2022-2520 libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read...

Medium: cups

Issue Overview: OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service DoS attack. A buffer overflow vulnerability in the function formatlogline could allow remote attackers...

Important: ipa

Issue Overview: A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within...

Low: open-vm-tools

Issue Overview: A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. CVE-2023-20867 Affected Packages: open-vm-tools Note: This advisory is applicable to Amazon Linux 2 AL2...

Medium: ImageMagick

Issue Overview: stack overflow when parsing malicious tiff image CVE-2023-3195 Affected Packages: ImageMagick Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum...

Important: c-ares

Issue Overview: Denial of Service. An issue in c-ares was found where a 0-byte UDP payload can cause a Denial of Service CVE-2023-32067. Affected Packages: c-ares Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core an...

Low: wireshark

Issue Overview: Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark...

Important: perl-HTTP-Tiny

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl-HTTP-Tiny Note: This advisory is applicable to Amazon Linux 2 AL2 Co...

Medium: qt5-qtsvg

Issue Overview: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont munitsPerEm initialization is mishandled. CVE-2023-32573 Affected Packages: qt5-qtsvg Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FA...

Medium: qt

Issue Overview: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate. CVE-2023-34410 Affected Packages: qt Note: This advisory is...

Medium: OpenEXR

Issue Overview: A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability. CVE-2021-20298 A flaw foun...

Important: sysstat

Issue Overview: sysstat through 12.7.2 allows a multiplication integer overflow in checkoverflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. CVE-2023-33204 Affected Packages: sysstat Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository...

Important: kernel

Issue Overview: There is a potential deadlock in the eBPF subsystem in the Linux kernel. The default sysctl configuration "kernel.unprivilegedbpfdisabled" on Amazon Linux does not allow unprivileged users to use eBPF. CVE-2023-0160 A denial of service problem was found, due to a possible recursiv...

Important: squid

Issue Overview: An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. Th...

Medium: qt5-qtbase

Issue Overview: When using the Qt SQL ODBC driver plugin, then it is possible to trigger a DOS with a specifically crafted string RESERVED NOTE: https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin NOTE: https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d 6....

Important: glib2

Issue Overview: GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in gmarkupparsecontextparse in gmarkup.c, related to utf8str. CVE-2018-16429 Affected Packages: glib2 Issue Correction: Run yum update glib2 or yum update --advisory ALAS-2023-1749 to update your system. New Packages: i686:...

Medium: kernel

Issue Overview: A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. CVE-2023-2513 qfqchangeclass in...

Low: screen

Issue Overview: socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process. CVE-2023-24626 Affected...

Medium: yasm

Issue Overview: An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasmexprgetintnum in libyasm/expr.c. CVE-2021-33454 An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in nasmparserdirective in modules/parsers/nasm/nasm-parse.c...

Low: openvpn

Issue Overview: OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...

Important: cifs-utils

Issue Overview: A stack-based buffer overflow issue was found in pifs-utils. Parsing the mount.cifs ip command-line argument can lead to local attackers gaining root privileges. CVE-2022-27239 Affected Packages: cifs-utils Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository...

Medium: qt5-qtbase

Issue Overview: Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath called from QRasterPaintEngine::fill and QPaintEngineEx::stroke. CVE-2021-38593 Affected Packages: qt5-qtbase Note: This advisory is applicable to Amazon Linux 2 AL2 Core repositor...

Medium: protobuf

Issue Overview: A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory. CVE-2021-22570 Affect...

Critical: php55-pecl-memcached

Issue Overview: PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. CVE-2022-26635 Affected Packages: php55-pecl-memcached Issue Correction: Run yum update php55-pecl-memcached or yum update --advisory ALAS-2023-1671 to update you...

Medium: vim

Issue Overview: The target's backtrace indicates that libc has detected a heap error or that the target was executing a heap function when it stopped. This could be due to heap corruption, passing a bad pointer to a heap function such as free, etc. Since heap errors might include buffer overflows...

Important: squid

Issue Overview: In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. CVE-2021-46784 A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI an...

Important: libksba

Issue Overview: A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment...

Medium: amazon-ssm-agent

Issue Overview: A buffer overflow flaw was found in Golang's library encoding/pem. This flaw allows an attacker to use a large PEM input more than 5 MB , causing a stack overflow in Decode, which leads to a loss of availability. CVE-2022-24675 Affected Packages: amazon-ssm-agent Note: This adviso...

Critical: perl-Image-ExifTool

Issue Overview: lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file = /|$/ check. CVE-2022-23935 Affected Packages: perl-Image-ExifTool Issue Correction: Run yum update perl-Image-ExifTool or yum update --advisory ALAS-2022-1566 to update your system. New Packages: noarch: ...

Low: 389-ds-base

Issue Overview: A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being inactive, any password will successfully match during authentication. This flaw allows an attacker to successfully authenticate as a user whose...

Important: libsndfile

Issue Overview: A heap buffer overflow flaw was found in libsndfile. This flaw allows an attacker to execute arbitrary code via a crafted WAV file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2021-3246 Affected Packages:...

Low: bzip2

Issue Overview: BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CVE-2019-12900 Affected Packages: bzip2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Cor...

Medium: 389-ds-base

Issue Overview: When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database. CVE-2020-35518 Affected Packages: 389-ds-base Note:...

Medium: php7-pear

Issue Overview: ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. CVE-2020-28948 ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to overwrite...

Medium: tigervnc

Issue Overview: TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process...

Important: libX11

Issue Overview: An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to...