SB202502194530 - Amazon Linux AMI update for kernel


Published: February 19, 2025

Security Bulletin ID: SB202502194530
Severity: Medium
Patch available: YES
Number of vulnerabilities: 9
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

Medium: 11%; Low: 89%

Description

This security bulletin contains information about 9 security vulnerabilities.


1) Deadlock (CVE-ID: CVE-2023-34324)

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to improper event handling in the Linux kernel. A malicious guest can disable a paravirtualized device to cause a deadlock in a backend domain (other than dom0).


2) Input validation error (CVE-ID: CVE-2023-39191)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied input in the eBPF subsystem in the Linux kernel. A local user with CAP_BPF capability can execute arbitrary code with elevated privileges.


3) Out-of-bounds read (CVE-ID: CVE-2023-52476)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the branch_type() and get_branch_type() functions in arch/x86/events/utils.c. A local user can trigger an out-of-bounds read error and crash the kernel.


4) Use of uninitialized resource (CVE-ID: CVE-2023-52477)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to usage of uninitialized BOS descriptors in drivers/usb/core/hub.c. A local user can perform a denial of service (DoS) attack.


5) Information disclosure (CVE-ID: CVE-2023-52481)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the ERRATA_MIDR_REV_RANGE() function in arch/arm64/kernel/cpu_errata.c. A local user can gain access to sensitive information.


6) Resource management error (CVE-ID: CVE-2023-52522)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the neigh_periodic_work() function in net/core/neighbour.c. A local user can perform a denial of service (DoS) attack.


7) NULL pointer dereference (CVE-ID: CVE-2023-52523)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the BPF_CALL_4() function in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.


8) Resource management error (CVE-ID: CVE-2023-52559)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the iommu_suspend() and iommu_resume() functions in drivers/iommu/intel/iommu.c. A local user can perform a denial of service (DoS) attack.


9) Improper locking (CVE-ID: CVE-2024-0641)

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack on the target system.

The vulnerability exists due to a double-locking error within the tipc_crypto_key_revoke() function in net/tipc/crypto.c. A malicious guest can exploit this vulnerability to cause a deadlock, resulting in a denial of service.


Remediation

Install the update from the vendor's website.