Detections
Analytics

Amazon Linux 2 : kernel (ALAS-2020-1480)

medium Nessus Plugin ID 139858

Language:

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1480 advisory.

 - The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error- handling code. (CVE-2017-18232)

 - The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference). (CVE-2018-8043)

 - A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.
 (CVE-2019-18808)

 - A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b. (CVE-2019-19054)

 - A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3. (CVE-2019-19061)

 - Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10. (CVE-2019-19073)

 - A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
 (CVE-2019-19074)

 - In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out. (CVE-2019-3016)

 - In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check.
 This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. (CVE-2019-9445)

 - An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10.
 Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767. (CVE-2020-12655)

 - In the Linux kernel through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. (CVE-2020-15393)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update kernel' to update your system.

See Also

https://alas.aws.amazon.com/AL2/ALAS-2020-1480.html

https://access.redhat.com/security/cve/CVE-2017-18232

https://access.redhat.com/security/cve/CVE-2018-10323

https://access.redhat.com/security/cve/CVE-2018-8043

https://access.redhat.com/security/cve/CVE-2019-18808

https://access.redhat.com/security/cve/CVE-2019-19054

https://access.redhat.com/security/cve/CVE-2019-19061

https://access.redhat.com/security/cve/CVE-2019-19073

https://access.redhat.com/security/cve/CVE-2019-19074

https://access.redhat.com/security/cve/CVE-2019-3016

https://access.redhat.com/security/cve/CVE-2019-9445

https://access.redhat.com/security/cve/CVE-2020-10781

https://access.redhat.com/security/cve/CVE-2020-12655

https://access.redhat.com/security/cve/CVE-2020-15393

Plugin Details

Severity: Medium

ID: 139858

File Name: al2_ALAS-2020-1480.nasl

Version: 1.3

Type: local

Agent: unix

Published: 8/26/2020

Updated: 2/23/2024

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2019-9445

CVSS v3

Risk Factor: Medium

Base Score: 4.7

Temporal Score: 4.2

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2019-3016

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:kernel-headers, p-cpe:/a:amazon:linux:kernel-livepatch-4.14.192-147.314, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:python-perf, p-cpe:/a:amazon:linux:python-perf-debuginfo, cpe:/o:amazon:linux:2

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/18/2020

Vulnerability Publication Date: 3/10/2018

Reference Information

CVE: CVE-2017-18232, CVE-2018-10323, CVE-2018-8043, CVE-2019-18808, CVE-2019-19054, CVE-2019-19061, CVE-2019-19073, CVE-2019-19074, CVE-2019-3016, CVE-2019-9445, CVE-2020-10781, CVE-2020-12655, CVE-2020-15393

BID: 103354, 103423

ALAS: 2020-1480