SB2017061711 - Amazon Linux AMI update for kernel

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017061711

SB2017061711 - Amazon Linux AMI update for kernel

Published: June 17, 2017

Security Bulletin ID SB2017061711
Severity
Medium
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 40% Low 60%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Memory corruption (CVE-ID: CVE-2017-1000364)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to memory management errors in implementation of various functions under multiple operating systems. A local or remote attacker can trigger the affected application to process specially crafted data, trigger memory corruption and execute arbitrary code on the target system. The vulnerability is dubbed by Qualys researchers as “Stack Clash”.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


2) Security restrictions bypass (CVE-ID: CVE-2017-7482)

The vulnerability allows a local attacker to bypass security restrictions on the target system.

The weakness exists due to the failure to take the argument and environment strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size) into account when imposing a size restriction. A local attacker can bypass security limitation and perform unauthorized actions.

Successful exploitation of the vulnerability results in access to the system.

3) Security restrictions bypass (CVE-ID: CVE-2017-1000370)

The vulnerability allows a local attacker to bypass security restrictions on the target system.

The weakness exists due to a flaw in offset2lib patch. A local attacker can send a specially-crafted request, bypass security restrictions and gain full access to the system.

4) Security restrictions bypass (CVE-ID: CVE-2017-1000371)

The vulnerability allows a local attacker to bypass security restrictions on the target system.

The weakness exists due to a flaw in offset2lib patch. A local attacker can send a specially-crafted request, bypass security restrictions and gain full access to the system.

5) Buffer overflow (CVE-ID: CVE-2017-1000377)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

An issue was discovered in the size of the default stack guard page on PAX Linux (originally from GRSecurity but shipped by other Linux vendors), specifically the default stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects PAX Linux Kernel versions as of June 19, 2017 (specific version information is not available at this time).


Remediation

Install update from vendor's website.

References