Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 8 |
CVE-ID | CVE-2022-0494 CVE-2022-0812 CVE-2022-1012 CVE-2022-1184 CVE-2022-1966 CVE-2022-32250 CVE-2022-32296 CVE-2022-32981 |
CWE-ID | CWE-200 CWE-401 CWE-416 CWE-330 CWE-119 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #5 is available. Public exploit code for vulnerability #6 is available. |
Vulnerable software Subscribe |
Amazon Linux AMI Operating systems & Components / Operating system |
Vendor | Amazon Web Services |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
EUVDB-ID: #VU64259
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0494
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in the scsi_ioctl() function in drivers/scsi/scsi_ioctl.c in the Linux kernel. A local user with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) can gain unauthorized access to sensitive information on the system.
MitigationUpdate the affected packages:
i686:Vulnerable software versions
kernel-devel-4.14.285-147.501.amzn1.i686
kernel-debuginfo-common-i686-4.14.285-147.501.amzn1.i686
perf-debuginfo-4.14.285-147.501.amzn1.i686
kernel-4.14.285-147.501.amzn1.i686
kernel-headers-4.14.285-147.501.amzn1.i686
kernel-debuginfo-4.14.285-147.501.amzn1.i686
kernel-tools-devel-4.14.285-147.501.amzn1.i686
kernel-tools-4.14.285-147.501.amzn1.i686
perf-4.14.285-147.501.amzn1.i686
kernel-tools-debuginfo-4.14.285-147.501.amzn1.i686
src:
kernel-4.14.285-147.501.amzn1.src
x86_64:
kernel-tools-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.14.285-147.501.amzn1.x86_64
kernel-tools-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-headers-4.14.285-147.501.amzn1.x86_64
perf-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-tools-devel-4.14.285-147.501.amzn1.x86_64
kernel-devel-4.14.285-147.501.amzn1.x86_64
perf-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-4.14.285-147.501.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2022-1604.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64919
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0812
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c() function in RPCRDMA_HDRLEN_MIN (7). A local user can gain unauthorized access to sensitive information on the system.
MitigationUpdate the affected packages:
i686:Vulnerable software versions
kernel-devel-4.14.285-147.501.amzn1.i686
kernel-debuginfo-common-i686-4.14.285-147.501.amzn1.i686
perf-debuginfo-4.14.285-147.501.amzn1.i686
kernel-4.14.285-147.501.amzn1.i686
kernel-headers-4.14.285-147.501.amzn1.i686
kernel-debuginfo-4.14.285-147.501.amzn1.i686
kernel-tools-devel-4.14.285-147.501.amzn1.i686
kernel-tools-4.14.285-147.501.amzn1.i686
perf-4.14.285-147.501.amzn1.i686
kernel-tools-debuginfo-4.14.285-147.501.amzn1.i686
src:
kernel-4.14.285-147.501.amzn1.src
x86_64:
kernel-tools-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.14.285-147.501.amzn1.x86_64
kernel-tools-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-headers-4.14.285-147.501.amzn1.x86_64
perf-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-tools-devel-4.14.285-147.501.amzn1.x86_64
kernel-devel-4.14.285-147.501.amzn1.x86_64
perf-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-4.14.285-147.501.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2022-1604.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64079
Risk: Medium
CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1012
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient randomization in the net/ipv4/tcp.c when calculating port offsets in Linux kernel cause by small table perturb size. A remote attacker can cause memory leak and gain access to sensitive information.
MitigationUpdate the affected packages:
i686:Vulnerable software versions
kernel-devel-4.14.285-147.501.amzn1.i686
kernel-debuginfo-common-i686-4.14.285-147.501.amzn1.i686
perf-debuginfo-4.14.285-147.501.amzn1.i686
kernel-4.14.285-147.501.amzn1.i686
kernel-headers-4.14.285-147.501.amzn1.i686
kernel-debuginfo-4.14.285-147.501.amzn1.i686
kernel-tools-devel-4.14.285-147.501.amzn1.i686
kernel-tools-4.14.285-147.501.amzn1.i686
perf-4.14.285-147.501.amzn1.i686
kernel-tools-debuginfo-4.14.285-147.501.amzn1.i686
src:
kernel-4.14.285-147.501.amzn1.src
x86_64:
kernel-tools-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.14.285-147.501.amzn1.x86_64
kernel-tools-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-headers-4.14.285-147.501.amzn1.x86_64
perf-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-tools-devel-4.14.285-147.501.amzn1.x86_64
kernel-devel-4.14.285-147.501.amzn1.x86_64
perf-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-4.14.285-147.501.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2022-1604.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64438
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1184
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to a use-after-free error in fs/ext4/namei.c:dx_insert_block() function in the Linux kernel’s filesystem sub-component.. A local user can trigger use-after-free and perform a denial of service attack.
MitigationUpdate the affected packages:
i686:Vulnerable software versions
kernel-devel-4.14.285-147.501.amzn1.i686
kernel-debuginfo-common-i686-4.14.285-147.501.amzn1.i686
perf-debuginfo-4.14.285-147.501.amzn1.i686
kernel-4.14.285-147.501.amzn1.i686
kernel-headers-4.14.285-147.501.amzn1.i686
kernel-debuginfo-4.14.285-147.501.amzn1.i686
kernel-tools-devel-4.14.285-147.501.amzn1.i686
kernel-tools-4.14.285-147.501.amzn1.i686
perf-4.14.285-147.501.amzn1.i686
kernel-tools-debuginfo-4.14.285-147.501.amzn1.i686
src:
kernel-4.14.285-147.501.amzn1.src
x86_64:
kernel-tools-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.14.285-147.501.amzn1.x86_64
kernel-tools-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-headers-4.14.285-147.501.amzn1.x86_64
perf-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-tools-devel-4.14.285-147.501.amzn1.x86_64
kernel-devel-4.14.285-147.501.amzn1.x86_64
perf-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-4.14.285-147.501.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2022-1604.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64070
Risk: Low
CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2022-1966
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in the Linux kernel's Netfilter subsystem in net/netfilter/nf_tables_api.c. A local user can trigger use-after-free error to escalate privileges on the system.
MitigationUpdate the affected packages:
i686:Vulnerable software versions
kernel-devel-4.14.285-147.501.amzn1.i686
kernel-debuginfo-common-i686-4.14.285-147.501.amzn1.i686
perf-debuginfo-4.14.285-147.501.amzn1.i686
kernel-4.14.285-147.501.amzn1.i686
kernel-headers-4.14.285-147.501.amzn1.i686
kernel-debuginfo-4.14.285-147.501.amzn1.i686
kernel-tools-devel-4.14.285-147.501.amzn1.i686
kernel-tools-4.14.285-147.501.amzn1.i686
perf-4.14.285-147.501.amzn1.i686
kernel-tools-debuginfo-4.14.285-147.501.amzn1.i686
src:
kernel-4.14.285-147.501.amzn1.src
x86_64:
kernel-tools-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.14.285-147.501.amzn1.x86_64
kernel-tools-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-headers-4.14.285-147.501.amzn1.x86_64
perf-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-tools-devel-4.14.285-147.501.amzn1.x86_64
kernel-devel-4.14.285-147.501.amzn1.x86_64
perf-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-4.14.285-147.501.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2022-1604.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU64668
Risk: Low
CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2022-32250
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free incorrect NFT_STATEFUL_EXPR in net/netfilter/nf_tables_api.c in Linux kernel. A local user with ability to create user/net namespaces can execute arbitrary code with root privileges.
Update the affected packages:
i686:Vulnerable software versions
kernel-devel-4.14.285-147.501.amzn1.i686
kernel-debuginfo-common-i686-4.14.285-147.501.amzn1.i686
perf-debuginfo-4.14.285-147.501.amzn1.i686
kernel-4.14.285-147.501.amzn1.i686
kernel-headers-4.14.285-147.501.amzn1.i686
kernel-debuginfo-4.14.285-147.501.amzn1.i686
kernel-tools-devel-4.14.285-147.501.amzn1.i686
kernel-tools-4.14.285-147.501.amzn1.i686
perf-4.14.285-147.501.amzn1.i686
kernel-tools-debuginfo-4.14.285-147.501.amzn1.i686
src:
kernel-4.14.285-147.501.amzn1.src
x86_64:
kernel-tools-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.14.285-147.501.amzn1.x86_64
kernel-tools-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-headers-4.14.285-147.501.amzn1.x86_64
perf-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-tools-devel-4.14.285-147.501.amzn1.x86_64
kernel-devel-4.14.285-147.501.amzn1.x86_64
perf-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-4.14.285-147.501.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2022-1604.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU64943
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32296
CWE-ID:
CWE-330 - Use of Insufficiently Random Values
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to Linux kernel allowing TCP servers to identify clients by observing what source ports are used. A local user can gain unauthorized access to sensitive information on the system.
MitigationUpdate the affected packages:
i686:Vulnerable software versions
kernel-devel-4.14.285-147.501.amzn1.i686
kernel-debuginfo-common-i686-4.14.285-147.501.amzn1.i686
perf-debuginfo-4.14.285-147.501.amzn1.i686
kernel-4.14.285-147.501.amzn1.i686
kernel-headers-4.14.285-147.501.amzn1.i686
kernel-debuginfo-4.14.285-147.501.amzn1.i686
kernel-tools-devel-4.14.285-147.501.amzn1.i686
kernel-tools-4.14.285-147.501.amzn1.i686
perf-4.14.285-147.501.amzn1.i686
kernel-tools-debuginfo-4.14.285-147.501.amzn1.i686
src:
kernel-4.14.285-147.501.amzn1.src
x86_64:
kernel-tools-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.14.285-147.501.amzn1.x86_64
kernel-tools-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-headers-4.14.285-147.501.amzn1.x86_64
perf-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-tools-devel-4.14.285-147.501.amzn1.x86_64
kernel-devel-4.14.285-147.501.amzn1.x86_64
perf-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-4.14.285-147.501.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2022-1604.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65005
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32981
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in ptrace PEEKUSER and POKEUSER when accessing floating point registers on powerpc 32-bit platforms. A local user can trigger buffer overflow and execute arbitrary code with elevated privileges.
Update the affected packages:
i686:Vulnerable software versions
kernel-devel-4.14.285-147.501.amzn1.i686
kernel-debuginfo-common-i686-4.14.285-147.501.amzn1.i686
perf-debuginfo-4.14.285-147.501.amzn1.i686
kernel-4.14.285-147.501.amzn1.i686
kernel-headers-4.14.285-147.501.amzn1.i686
kernel-debuginfo-4.14.285-147.501.amzn1.i686
kernel-tools-devel-4.14.285-147.501.amzn1.i686
kernel-tools-4.14.285-147.501.amzn1.i686
perf-4.14.285-147.501.amzn1.i686
kernel-tools-debuginfo-4.14.285-147.501.amzn1.i686
src:
kernel-4.14.285-147.501.amzn1.src
x86_64:
kernel-tools-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.14.285-147.501.amzn1.x86_64
kernel-tools-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-headers-4.14.285-147.501.amzn1.x86_64
perf-4.14.285-147.501.amzn1.x86_64
kernel-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-tools-devel-4.14.285-147.501.amzn1.x86_64
kernel-devel-4.14.285-147.501.amzn1.x86_64
perf-debuginfo-4.14.285-147.501.amzn1.x86_64
kernel-4.14.285-147.501.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2022-1604.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.