Amazon Linux AMI update for kernel

1) Information disclosure

EUVDB-ID: #VU43443

Risk: Low

CVSSv4.0: 2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2012-3430

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.

Mitigation

Update the affected packages:

i686:
    kernel-tools-debuginfo-3.2.28-45.62.amzn1.i686
    kernel-3.2.28-45.62.amzn1.i686
    kernel-debuginfo-common-i686-3.2.28-45.62.amzn1.i686
    kernel-devel-3.2.28-45.62.amzn1.i686
    kernel-headers-3.2.28-45.62.amzn1.i686
    kernel-tools-3.2.28-45.62.amzn1.i686
    kernel-debuginfo-3.2.28-45.62.amzn1.i686

noarch:
    kernel-doc-3.2.28-45.62.amzn1.noarch

src:
    kernel-3.2.28-45.62.amzn1.src

x86_64:
    kernel-tools-3.2.28-45.62.amzn1.x86_64
    kernel-debuginfo-common-x86_64-3.2.28-45.62.amzn1.x86_64
    kernel-devel-3.2.28-45.62.amzn1.x86_64
    kernel-headers-3.2.28-45.62.amzn1.x86_64
    kernel-debuginfo-3.2.28-45.62.amzn1.x86_64
    kernel-tools-debuginfo-3.2.28-45.62.amzn1.x86_64
    kernel-3.2.28-45.62.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

CPE2.3

• cpe:2.3:o:amazon_web_services:amazon_linux_ami:*:*:*:*:*:*:*:*

External links

https://alas.aws.amazon.com/ALAS-2012-118.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.