Medium: openssh
Issue Overview: An issue was discovered in OpenSSH 7.4 on Amazon Linux 2 and Amazon Linux 1. The fix for CVE-2019-6111 only covered cases where an absolute path is passed to scp. When a relative path is used there is no verification that the name of a file received by the client matches the file...
Medium: yajl
Issue Overview: There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause out-of-memory in the server and cause a crash. CVE-2023-33460 Affected Packages: yajl Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the differen...
Medium: java-11-openjdk
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Utility. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2...
Low: elfutils
Issue Overview: In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c, which allows attackers to cause a denial of service (infinite loop) via a crafted file. CVE-2021-33294 Affected Packages: elfutils Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
Medium: aspell
Issue Overview: objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list). CVE-2019-25051 Affected Packages: aspell Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit...
Medium: python-pygments
Issue Overview: In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a...
Important: ca-certificates
Issue Overview: An initial fix in Amazon Linux ca-certificates package relating to CVE-2022-23491 did not properly remove root certificates from TrustCor from the root store. CVE-2023-32803 Affected Packages: ca-certificates Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository...
Medium: cups
Issue Overview: OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function format_log_line could allow remote attackers...
Important: kernel
Issue Overview: A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. CVE-2023-20569 A use-after-free...
Medium: libtiff
Issue Overview: A NULL pointer dereference in TIFFClose is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones. CVE-2023-3316 Affected Packages: libtiff Issue Correction: Run dnf update libtiff --releasever...
Important: golang
Issue Overview: html/template: improper handling of empty HTML attributes. The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains...
Medium: libtiff
Issue Overview: Memory leak in tiffcrop.c. CVE-2023-3576 Affected Packages: libtiff Issue Correction: Run yum update libtiff or yum update --advisory ALAS-2023-1788 to update your system. New Packages: i686: libtiff-debuginfo-4.0.3-35.43.amzn1.i686 ...
Low: sqlite
Issue Overview: No CVE associated with this advisory Affected Packages: sqlite Issue Correction: Run dnf update sqlite --releasever 2023.1.20230725 or dnf update --advisory ALAS2023-2023-264 --releasever 2023.1.20230725 to update your system. More information on how to update your system can be...
Medium: curl
Issue Overview: libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw risks inserting sensitive heap-based data into t...
Medium: janino
Issue Overview: janino 3.1.9 and earlier are subject to denial of service (DOS) attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. CVE-2023-3354...
Medium: libtiff
Issue Overview: loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 Affected Packages: libtiff Issue Correction: Run dnf update libtiff --releasever 2023.1.20230725 or dnf update --advisory ALAS2023-2023-271 --releasever...
Important: bind
Issue Overview: A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to be significantly exceeded...
Medium: libtiff
Issue Overview: Memory leak in tiffcrop.c. CVE-2023-3576 Affected Packages: libtiff Issue Correction: Run dnf update libtiff --releasever 2023.1.20230725 or dnf update --advisory ALAS2023-2023-265 --releasever 2023.1.20230725 to update your system. More information on how to update...
Medium: scipy
Issue Overview: A use-after-free issue was discovered in the Py_FindObjects function in SciPy versions prior to 1.8.0. CVE-2023-29824 Affected Packages: scipy Issue Correction: Run dnf update scipy --releasever 2023.1.20230725 or dnf update --advisory ALAS2023-2023-268 --releasever 2023.1.20230725 to...
Medium: SDL2
Issue Overview: A memory leak issue was discovered in SDL2 version = SDL2-2.0.8. CVE-2022-4743 Affected Packages: SDL2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: R...
Important: apache-ivy
Issue Overview: When Apache Ivy downloads artifacts from a repository it stores them in the local file system based on a user-supplied "pattern" that may include placeholders for artifacts coordinates like the organisation, module or version. If said coordinates contain "../" sequences - which ar...
Low: libvncserver
Issue Overview: libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup. CVE-2020-29260 Affected Packages: libvncserver Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL...
Medium: python-ipaddress
Issue Overview: A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and IPv6Interface classes. This flaw allows an attacker to create many dictionary entries, due to the performance of a dictionary containing the IPv4Interface or IPv6Interfac...
Medium: qt5-qtbase
Issue Overview: In QT, there is an integer overflow in qfixed_p.h when rendering SVG image on the minimal plugin. CVE-2023-32763 Affected Packages: qt5-qtbase Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...
Medium: avahi
Issue Overview: avahi-daemon denial of service can be caused by unprivileged users via DBus CVE-2023-1981 Affected Packages: avahi Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...
Low: qemu
Issue Overview: An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw...
Important: thunderbird
Issue Overview: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13. CVE-2023-37201 Cross-compartment wrappers wrapping a scripted proxy could have caused objec...
Medium: libtiff
Issue Overview: Memory leak in tiffcrop.c. CVE-2023-3576 Affected Packages: libtiff Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update libtif...
Medium: samba
Issue Overview: A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control th...
Important: gstreamer1-plugins-good
Issue Overview: Integer overflow leading to heap overwrite in FLAC image tag handling CVE-2023-37327 Affected Packages: gstreamer1-plugins-good Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...
Important: golang
Issue Overview: RESERVED NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFsE CVE-2022-41724 Golang: net/http, mime/multipart: denial of service from excessive resource consumption https://groups.google.com/g/golang-announce/c/V0aBFqaFsE CVE-2022-41725 The ScalarMult and ScalarBaseMult...
Medium: openssl-snapsafe
Issue Overview: A flaw was found in OpenSSL. The issue in CVE-2022-1292 did not find other places in the c_rehash script where it possibly passed the file names of certificates being hashed to a command executed through the shell. Some operating systems distribute this script in a manner where it ...
Important: openssl-snapsafe
Issue Overview: A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number o...
Medium: libicu60
Issue Overview: International Components for Unicode ICU-20850 v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp. CVE-2020-21913 Affected Packages: libicu60 Note: This advisory is applicable to Amazon Linux 2 AL2...
Medium: icu
Issue Overview: International Components for Unicode ICU-20850 v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp. CVE-2020-21913 Affected Packages: icu Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
Medium: transfig
Issue Overview: 2023-08-03: CVE-2021-32280 was added to this advisory. A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. CVE-2020-21682 An issue was discovered in fig2dev befo...
Medium: bluez
Issue Overview: A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. CVE-2022-0204 Affected Packages: bluez Note: This advisory ...
Medium: compat-libtiff3
Issue Overview: Memory leak in tiffcrop.c. CVE-2023-3576 Affected Packages: compat-libtiff3 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum updat...
Medium: scipy
Issue Overview: A use-after-free issue was discovered in the Py_FindObjects function in SciPy versions prior to 1.8.0. CVE-2023-29824 Affected Packages: scipy Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...
Medium: keepalived
Issue Overview: A flaw was found in keepalived, where an improper authentication vulnerability allows an unprivileged user to change properties that could lead to an access-control bypass. CVE-2021-44225 Affected Packages: keepalived Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
Important: gstreamer1-plugins-base
Issue Overview: Integer overflow leading to heap overwrite in FLAC image tag handling CVE-2023-37327 Affected Packages: gstreamer1-plugins-base Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...
Important: iperf3
Issue Overview: iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field. CVE-2023-38403 Affected Packages: iperf3 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core...
Medium: python-mako
Issue Overview: Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin. CVE-2022-40023 Affected Packages: python-mako Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
Important: kernel
Issue Overview: 2023-08-03: CVE-2023-3609 was added to this advisory. A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allo...
Important: kernel
Issue Overview: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash o...
Medium: java-1.8.0-amazon-corretto
Issue Overview: Vulnerability in Oracle Java SE component: JavaFX. The supported version that is affected is Oracle Java SE: 8u371. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of thi...
Important: kernel
Issue Overview: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash o...
Medium: tcpdump
Issue Overview: The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print for VRRP version 3, a different vulnerability than CVE-2018-14463. CVE-2019-15167 Affected Packages: tcpdump Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this...
Important: gstreamer-plugins-base
Issue Overview: Integer overflow leading to heap overwrite in FLAC image tag handling CVE-2023-37327 Affected Packages: gstreamer-plugins-base Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...
Important: kernel
Issue Overview: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash o...