Important: kernel-livepatch-5.10.157-139.675

Issue Overview: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function followpagepte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended ...

Medium: java-1.8.0-amazon-corretto

Issue Overview: Improve CORBA communication: CORBA deserialization can result in outbound network connections with data passed in. CVE-2023-21830 Better Banking of Sounds: JARSoundbankReader can load classes from remote URLs. CVE-2023-21843 Affected Packages: java-1.8.0-amazon-corretto Note: This...

Important: kernel-livepatch-4.14.294-220.533

Issue Overview: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6renewoptions of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a...

Important: kernel-livepatch-5.10.155-138.670

Issue Overview: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function followpagepte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended ...

Important: kernel-livepatch-5.10.147-133.644

Issue Overview: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6renewoptions of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a...

Important: kernel

Issue Overview: A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fibnhmatch of the file net/ipv4/fibsemantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is...

Important: kernel-livepatch-4.14.299-223.520

Issue Overview: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6renewoptions of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a...

Important: kernel-livepatch-4.14.296-222.539

Issue Overview: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6renewoptions of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVMEIOCTLRESET and the NVMEIOCTLSUBSYSRESET through the device file of the driver, resulting in a PCIe link disconnect. CVE-2022-3169 A vulnerability classified as...

Important: kernel

Issue Overview: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function followpagepte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended ...

Important: kernel-livepatch-5.10.144-127.601

Issue Overview: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6renewoptions of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a...

Important: kernel-livepatch-5.10.149-133.644

Issue Overview: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6renewoptions of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a...

Important: xorg-x11-server

Issue Overview: A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of th...

Medium: freetype

Issue Overview: A heap buffer overflow flaw was found in Freetype's sfntinitface function in the sfobjs.c file. The vulnerability occurs when creating a face with a strange file and invalid index. This flaw allows an attacker to read and modify a small amount of memory, causing the application to...

Medium: pcs

Issue Overview: A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the extend function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data...

Medium: java-17-amazon-corretto

Issue Overview: Enhance DTLS performance: DTLS does not avail itself of the HelloVerifyRequest message which opens opportunities for DoS. CVE-2023-21835 Better Banking of Sounds: JARSoundbankReader can load classes from remote URLs. CVE-2023-21843 Affected Packages: java-17-amazon-corretto Note:...

Important: squid

Issue Overview: In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. CVE-2021-46784 A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI an...

Important: libtasn1

Issue Overview: GNU Libtasn1 before 4.19.0 has an ETYPEOK off-by-one array size check that affects asn1encodesimpleder. CVE-2021-46848 Affected Packages: libtasn1 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core an...

Important: golist

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

Important: bcel

Issue Overview: Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllab...

Low: unzip

Issue Overview: A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. CVE-2021-4217 A flaw was found i...

Important: krb5

Issue Overview: Integer overflow vulnerabilities in PAC parsing CVE-2022-42898 Affected Packages: krb5 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update kr...

Important: python3

Issue Overview: An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service...

Important: hsqldb

Issue Overview: Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code executio...

Medium: java-11-amazon-corretto

Issue Overview: Enhance DTLS performance: DTLS does not avail itself of the HelloVerifyRequest message which opens opportunities for DoS. CVE-2023-21835 Better Banking of Sounds: JARSoundbankReader can load classes from remote URLs. CVE-2023-21843 Affected Packages: java-11-amazon-corretto Note:...

Medium: vim

Issue Overview: The target's backtrace indicates that libc has detected a heap error or that the target was executing a heap function when it stopped. This could be due to heap corruption, passing a bad pointer to a heap function such as free, etc. Since heap errors might include buffer overflows...

Important: libpng

Issue Overview: Integer underflow in the pngcheckkeyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a...

Important: sqlite

Issue Overview: SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. CVE-2022-35737 Affected Packages: sqlite Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVMEIOCTLRESET and the NVMEIOCTLSUBSYSRESET through the device file of the driver, resulting in a PCIe link disconnect. CVE-2022-3169 An incorrect TLB flush issue was...

Medium: kernel

Issue Overview: A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVMEIOCTLRESET and the NVMEIOCTLSUBSYSRESET through the device file of the driver, resulting in a PCIe link disconnect. CVE-2022-3169 Affected Packages: kernel Note:...

Important: kernel

Issue Overview: A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highes...

Important: kernel

Issue Overview: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6renewoptions of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a...

Important: kernel-livepatch-5.10.135-122.509

Issue Overview: A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem. CVE-2022-2588 Affected Packages:...

Important: kernel

Issue Overview: A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highes...

Important: kernel-livepatch-4.14.290-217.505

Issue Overview: A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem. CVE-2022-2588 Affected Packages:...

Important: kernel

Issue Overview: A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fibnhmatch of the file net/ipv4/fibsemantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is...

Important: samba

Issue Overview: It was found that the Kerberos Key Distribution Center KDC delegation feature, Service for User S4U, did not sufficiently protect the tickets it's providing from tempering. A malicious, authenticated service principal allowed to delegate could use this flaw to impersonate a...

Important: python3

Issue Overview: The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface. CVE-2022-37454 Affected...

Important: samba

Issue Overview: A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover. CVE-2022-32744 Affected Packages: samba Note: This...

Important: bluez

Issue Overview: 2023-06-07: CVE-2022-39177 was added to this advisory. A vulnerability was found in BlueZ. This flaw allows physically proximate attackers to cause a denial of service due to malformed and invalid capabilities processed in profiles/audio/avdtp.c. CVE-2022-39177 A vulnerability was...

Medium: util-linux

Issue Overview: A command injection flaw was found in the way util-linux implements umount autocompletion in Bash. An attacker with the ability to mount a filesystem with custom mount points may execute arbitrary commands on behalf of the user who triggers the umount autocompletion. CVE-2018-7738...

Medium: ant

Issue Overview: When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats...

Important: expat

Issue Overview: A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some...

Important: device-mapper-multipath

Issue Overview: multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to loc...

Important: libtiff

Issue Overview: A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of...

Medium: mutt

Issue Overview: Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. CVE-2020-14093 Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate. CVE-2020-14154 Mu...

Medium: tcpdump

Issue Overview: The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrpprint for VRRP version 3, a different vulnerability than CVE-2018-14463. CVE-2019-15167 Affected Packages: tcpdump Issue Correction: Run yum update tcpdump or yum update --advisory ALAS-2022-1641 to...

Medium: 389-ds-base

Issue Overview: A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. CVE-2022-2850 Affected Packages...

Important: python38

Issue Overview: The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface. CVE-2022-37454 Affected...

Important: expat

Issue Overview: In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations. CVE-2022-43680 Affected Packages: expat Issue Correction: Run yum update expat or yum update --advisory ALAS-2022-1655...