Important: kernel-livepatch-5.10.186-179.751

Issue Overview: A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. When nftablesdelrule is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the...

Medium: kernel

Issue Overview: A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests. CVE-2023-34324 In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors CVE-2023-52477 In...

Important: kernel-livepatch-4.14.320-243.544

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsroute component can be exploited to achieve local privilege escalation. When route4change is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This cause...

Important: golist

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 Affected Packages: golist Note: This advisory is applicable to Amazon Lin...

Important: httpd

Issue Overview: Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 A flaw was found in httpd. This flaw allows an attacker opening an HTTP/2 connection with an initial window size of 0 to block handling of that...

Low: nmap

Issue Overview: Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a crafted TCP-based service. CVE-2018-15173 Affected Packages: nmap Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Important: kernel-livepatch-5.10.192-183.736

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve i.e. with the HFSCFSC flag set has a parent without a link-sharing curve, then...

Medium: kernel

Issue Overview: An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in dodivsz,mtd-erasesize, used indirectly by ctrlcdevioctl, when mtd-erasesize is 0. CVE-2023-31085 A flaw in the kernel Xen event handler can cause a deadlock with Xen conso...

Important: xerces-c

Issue Overview: An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request. CVE-2023-37536 Affected Packages: xerces-c Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

Important: amazon-ecr-credential-helper

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 Affected Packages: amazon-ecr-credential-helper Note: This advisory is...

Important: kernel-livepatch-5.10.192-182.736

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve i.e. with the HFSCFSC flag set has a parent without a link-sharing curve, then...

Important: kernel-livepatch-4.14.322-246.539

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. When fwchange is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a...

Low: vim

Issue Overview: The severity level was changed from Medium to Low. NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. CVE-2023-5441 Use After Free in GitHub repository vim/vim prior to v9.0.2010. CVE-2023-5535 Affected Packages: vim Note: This...

Medium: kernel

Issue Overview: A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests. CVE-2023-34324 A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before callin...

Important: cri-tools

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 Affected Packages: cri-tools Note: This advisory is applicable to Amazon...

Important: python

Issue Overview: An XML External Entity XXE issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. CVE-2022-48565 Affected Packages: python Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Important: kernel-livepatch-4.14.322-244.539

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. When fwchange is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a...

Medium: opensc

Issue Overview: Potential PIN bypass. When the token/card was plugged into the computer and authenticated from one process, it could be used to provide cryptographic operations from different process when the empty, zero-length PIN and the token can track the login status using some of its...

Important: cni-plugins

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 Affected Packages: cni-plugins Note: This advisory is applicable to Amazo...

Medium: libguestfs-winsupport

Issue Overview: An invalid return code in fusekernmount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. CVE-2022-30783 A crafted NTFS image can cause heap exhaustion in ntfsgetattributevalue in NTFS-3G...

Important: kernel-livepatch-4.14.322-244.536

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. When fwchange is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a...

Medium: zlib

Issue Overview: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. CVE-2023-45853 Affected Packages: zlib Note: This advisor...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit CVE-2022-48935 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: double hook unregistration in netns path...

Critical: squid

Issue Overview: Due to a buffer overflow bug Squid is vulnerable to a Denial of Service attack against HTTP Digest Authentication CVE-2023-46847 Affected Packages: squid Issue Correction: Run yum update squid or yum update --advisory ALAS-2023-1872 to update your system. New Packages: i686: ...

Critical: squid

Issue Overview: An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer...

Important: python3

Issue Overview: A flaw was found in Python. The built-in modules httplib and http.client included in Python 2 and Python 3, respectively do not properly validate CRLF sequences in the HTTP request method, potentially allowing manipulation to the request by injecting additional HTTP headers. The...

Medium: vim

Issue Overview: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. CVE-2023-5344 Affected Packages: vim Issue Correction: Run dnf update vim --releasever 2023.2.20231018 or dnf update --advisory ALAS2023-2023-378 --releasever 2023.2.20231018 to update your system. More...

Medium: giflib

Issue Overview: giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c. CVE-2023-39742 Affected Packages: giflib Issue Correction: Run dnf update giflib --releasever 2023.2.20231018 or dnf update --advisory ALAS2023-2023-386 --releasever 2023.2.20231018 to update...

Medium: java-21-amazon-corretto

Issue Overview: Memory corruption bug on JDK 21 and 20 when AVX-512 is enabled. CVE-2023-22025 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2...

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Easily exploitable vulnerability...

Medium: nss-softokn

Issue Overview: new tlsfuzzer code can still detect timing issues in RSA operations CVE-2023-4421 Affected Packages: nss-softokn Issue Correction: Run yum update nss-softokn or yum update --advisory ALAS-2023-1858 to update your system. New Packages: i686: nss-softokn-3.53.1-6.48.amzn1.i686 ...

Medium: mutt

Issue Overview: A flaw was found in mutt. When reading unencoded messages, mutt uses the line length from the untrusted input without any validation. This flaw allows an attacker to craft a malicious message, which leads to an out-of-bounds read, causing data leaks that include fragments of other...

Important: cacti

Issue Overview: Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution ...

Important: apache-ivy

Issue Overview: Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own...

Medium: libXpm

Issue Overview: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer NOTE: https://www.openwall.com/lists/oss-security/2023/10/03/1 NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/2fa554b01ef6079a9b35df9332bdc4f139ed67e0 CVE-2023-43788 Affected Packages: libXpm Issue...

Important: tomcat8

Issue Overview: Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ceph: drop messages from MDS when unmounting CVE-2022-48628 A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Due to a race...

Medium: libXpm

Issue Overview: A vulnerability was found in libX11 due to an infinite loop within the PutSubImage function. This flaw allows a local user to consume all available system resources and cause a denial of service condition. CVE-2023-43786 libX11: integer overflow in XCreateImage leading to a heap...

Important: amazon-ssm-agent

Issue Overview: The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. CVE-2021-43565 A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentification with R...

Important: exim

Issue Overview: Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1470/ CVE-2023-42116 Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability NOTE:...

Medium: ghostscript

Issue Overview: A buffer overflow vulnerability in epscprintpage in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. CVE-2020-16294 Affected Packages: ghostscript Issue Correction: Run yu...

Low: containerd

Issue Overview: Containerd is not affected by CVE-2023-39325. While it contains the affected module, it does not use it in a way that exposes users to CVE-2023-39325. Affected Packages: containerd Issue Correction: Run dnf update containerd --releasever 2023.2.20231018 or dnf update --advisory...

Important: amazon-ssm-agent

Issue Overview: The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. CVE-2021-43565 http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Templates did not properly consider backticks as Javascript...

Medium: postgresql15

Issue Overview: In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...

Medium: libX11

Issue Overview: libX11: out-of-bounds memory access in XkbReadKeySyms CVE-2023-43785 A vulnerability was found in libX11 due to an infinite loop within the PutSubImage function. This flaw allows a local user to consume all available system resources and cause a denial of service condition...

Medium: java-17-amazon-corretto

Issue Overview: Memory corruption bug on JDK 21 and 20 when AVX-512 is enabled. CVE-2023-22025 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2...

Medium: libX11

Issue Overview: libX11: out-of-bounds memory access in XkbReadKeySyms CVE-2023-43785 libX11: integer overflow in XCreateImage leading to a heap overflow. CVE-2023-43787 Affected Packages: libX11 Issue Correction: Run yum update libX11 or yum update --advisory ALAS-2023-1859 to update your system...

Important: java-1.8.0-openjdk

Issue Overview: An issue was discovered in function ciMethodBlocks::makeblockat in Oracle JDK HotSpot VM 11, 17 and OpenJDK HotSpot VM 8, 11, 17, allows attackers to cause a denial of service. CVE-2022-40433 Affected Packages: java-1.8.0-openjdk Issue Correction: Run yum update java-1.8.0-openjdk...

Important: runc

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 Affected Packages: runc Issue Correction: Run dnf update runc --releaseve...

Medium: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381 and 8u381-perf. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE. Successful attacks of this...