Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2017-12134 |
CWE-ID | CWE-264 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software | Amazon Linux AMI (Operating systems & Components / Operating system) |
Vendor | Amazon Web Services |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU7952
Risk: Low
CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12134
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description
The vulnerability allows a local attacker on a Linux-based guest system to gain elevated privileges on the host system.
The weakness exists due to a flaw in merging adjacent block IO requests. A local attacker on the guest system can incorrectly access memory during block stream processing to obtain potentially sensitive information or gain elevated privileges on the host system.
Update the affected packages.
i686:
kernel-devel-4.9.43-17.39.amzn1.i686
kernel-tools-4.9.43-17.39.amzn1.i686
perf-debuginfo-4.9.43-17.39.amzn1.i686
kernel-headers-4.9.43-17.39.amzn1.i686
kernel-tools-devel-4.9.43-17.39.amzn1.i686
perf-4.9.43-17.39.amzn1.i686
kernel-debuginfo-4.9.43-17.39.amzn1.i686
kernel-debuginfo-common-i686-4.9.43-17.39.amzn1.i686
kernel-4.9.43-17.39.amzn1.i686
kernel-tools-debuginfo-4.9.43-17.39.amzn1.i686
noarch:
kernel-doc-4.9.43-17.39.amzn1.noarch
src:
kernel-4.9.43-17.39.amzn1.src
x86_64:
kernel-debuginfo-common-x86_64-4.9.43-17.39.amzn1.x86_64
kernel-tools-4.9.43-17.39.amzn1.x86_64
perf-debuginfo-4.9.43-17.39.amzn1.x86_64
perf-4.9.43-17.39.amzn1.x86_64
kernel-tools-devel-4.9.43-17.39.amzn1.x86_64
kernel-tools-debuginfo-4.9.43-17.39.amzn1.x86_64
kernel-headers-4.9.43-17.39.amzn1.x86_64
kernel-devel-4.9.43-17.39.amzn1.x86_64
kernel-debuginfo-4.9.43-17.39.amzn1.x86_64
kernel-4.9.43-17.39.amzn1.x86_64
Vulnerable software versions
Amazon Linux AMI: All versions
External links
http://alas.aws.amazon.com/ALAS-2017-897.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.