Amazon Linux AMI update for gnutls



Published: 2017-04-07
Risk Low
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2017-5335
CVE-2017-5336
CVE-2017-5337
CVE-2016-8610
CWE-ID CWE-119
CWE-121
CWE-122
CWE-388
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Amazon Linux AMI
Operating systems & Components / Operating system

Vendor Amazon Web Services

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Memory corruption

EUVDB-ID: #VU7657

Risk: Low

CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5335

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to insufficient error checking in the stream-reading functions. A remote attacker can send a specially crafted OpenPGP certificate, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Update the affected packages.

i686:
    gnutls-2.12.23-21.18.amzn1.i686
    gnutls-devel-2.12.23-21.18.amzn1.i686
    gnutls-guile-2.12.23-21.18.amzn1.i686
    gnutls-utils-2.12.23-21.18.amzn1.i686
    gnutls-debuginfo-2.12.23-21.18.amzn1.i686

src:
    gnutls-2.12.23-21.18.amzn1.src

x86_64:
    gnutls-guile-2.12.23-21.18.amzn1.x86_64
    gnutls-debuginfo-2.12.23-21.18.amzn1.x86_64
    gnutls-devel-2.12.23-21.18.amzn1.x86_64
    gnutls-utils-2.12.23-21.18.amzn1.x86_64
    gnutls-2.12.23-21.18.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2017-815.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Stack-based buffer overflow

EUVDB-ID: #VU7658

Risk: Low

CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5336

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to improper processing of malicious OpenPGP certificates by the cdk_pk_get_keyid function. A remote attacker can send a specially crafted OpenPGP certificate, trigger stack-based buffer overflow and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Update the affected packages.

i686:
    gnutls-2.12.23-21.18.amzn1.i686
    gnutls-devel-2.12.23-21.18.amzn1.i686
    gnutls-guile-2.12.23-21.18.amzn1.i686
    gnutls-utils-2.12.23-21.18.amzn1.i686
    gnutls-debuginfo-2.12.23-21.18.amzn1.i686

src:
    gnutls-2.12.23-21.18.amzn1.src

x86_64:
    gnutls-guile-2.12.23-21.18.amzn1.x86_64
    gnutls-debuginfo-2.12.23-21.18.amzn1.x86_64
    gnutls-devel-2.12.23-21.18.amzn1.x86_64
    gnutls-utils-2.12.23-21.18.amzn1.x86_64
    gnutls-2.12.23-21.18.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2017-815.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Heap-based buffer overflow

EUVDB-ID: #VU7660

Risk: Low

CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5337

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to improper processing of malicious OpenPGP certificates by the read_attribute function. A remote attacker can send a specially crafted OpenPGP certificate, trigger heap-based buffer overflow and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Update the affected packages.

i686:
    gnutls-2.12.23-21.18.amzn1.i686
    gnutls-devel-2.12.23-21.18.amzn1.i686
    gnutls-guile-2.12.23-21.18.amzn1.i686
    gnutls-utils-2.12.23-21.18.amzn1.i686
    gnutls-debuginfo-2.12.23-21.18.amzn1.i686

src:
    gnutls-2.12.23-21.18.amzn1.src

x86_64:
    gnutls-guile-2.12.23-21.18.amzn1.x86_64
    gnutls-debuginfo-2.12.23-21.18.amzn1.x86_64
    gnutls-devel-2.12.23-21.18.amzn1.x86_64
    gnutls-utils-2.12.23-21.18.amzn1.x86_64
    gnutls-2.12.23-21.18.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2017-815.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Denial of service

EUVDB-ID: #VU1083

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-8610

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated user to exhaust memory on the target system.
The weakness is due to improper handling of certain packets by the ssl3_read_bytes() function in 'ssl/s3_pkt.c.
By sending a flood of SSL3_AL_WARNING alerts during the SSL handshake, a remote attacker can consume excessive CPU resources that may lead to OpenSSL library being unavailable.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.

Mitigation

Update the affected packages.

i686:
    gnutls-2.12.23-21.18.amzn1.i686
    gnutls-devel-2.12.23-21.18.amzn1.i686
    gnutls-guile-2.12.23-21.18.amzn1.i686
    gnutls-utils-2.12.23-21.18.amzn1.i686
    gnutls-debuginfo-2.12.23-21.18.amzn1.i686

src:
    gnutls-2.12.23-21.18.amzn1.src

x86_64:
    gnutls-guile-2.12.23-21.18.amzn1.x86_64
    gnutls-debuginfo-2.12.23-21.18.amzn1.x86_64
    gnutls-devel-2.12.23-21.18.amzn1.x86_64
    gnutls-utils-2.12.23-21.18.amzn1.x86_64
    gnutls-2.12.23-21.18.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2017-815.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###