Amazon Linux AMI : kernel (ALAS-2017-868)
High Nessus Plugin ID 102367
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionExploitable memory corruption due to UFO to non-UFO path switch (CVE-2017-1000112)
heap out-of-bounds in AF_PACKET sockets (CVE-2017-1000111)
The mq_notify function in the Linux kernel does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to possibly cause a situation where a value may be used after being freed (use-after-free) which may lead to memory corruption or other unspecified other impact.
SolutionRun 'yum update kernel' to update your system.