Detections
Analytics

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-023)

high Nessus Plugin ID 161456

Language:

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of kernel installed on the remote host is prior to 5.4.181-99.354. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-023 advisory.

 - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. (CVE-2021-26341)

 - LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
 (CVE-2021-26401)

 - An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2021-4197)

 - Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0001)

 - Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)

 - A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed.
 This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. (CVE-2022-0435)

 - Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. (CVE-2022-23960)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update kernel' to update your system.

See Also

https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-023.html

https://alas.aws.amazon.com/cve/html/CVE-2021-4197.html

https://alas.aws.amazon.com/cve/html/CVE-2021-26341.html

https://alas.aws.amazon.com/cve/html/CVE-2021-26401.html

https://alas.aws.amazon.com/cve/html/CVE-2022-0001.html

https://alas.aws.amazon.com/cve/html/CVE-2022-0002.html

https://alas.aws.amazon.com/cve/html/CVE-2022-0435.html

https://alas.aws.amazon.com/cve/html/CVE-2022-23960.html

https://alas.aws.amazon.com/cve/html/CVE-2022-2964.html

Plugin Details

Severity: High

ID: 161456

File Name: al2_ALASKERNEL-5_4-2022-023.nasl

Version: 1.6

Type: local

Agent: unix

Published: 5/24/2022

Updated: 9/5/2023

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2022-0435

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:amazon:linux:2, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:kernel-headers, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:python-perf, p-cpe:/a:amazon:linux:python-perf-debuginfo

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/7/2022

Vulnerability Publication Date: 3/7/2022

Reference Information

CVE: CVE-2021-26341, CVE-2021-26401, CVE-2021-4197, CVE-2022-0001, CVE-2022-0002, CVE-2022-0435, CVE-2022-23960, CVE-2022-2964