Detections
Analytics

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-011)

high Nessus Plugin ID 168507

Language:

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of kernel installed on the remote host is prior to 5.15.79-51.138. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-011 advisory.

 A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability. (CVE-2022-3435)

 A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
 The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)

 A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF.
 The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043. (CVE-2022-3543)

 A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)

 A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211918 is the identifier assigned to this vulnerability. (CVE-2022-3619)

 A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability. (CVE-2022-3623)

 In the Linux kernel, the following vulnerability has been resolved:

 btrfs: zoned: initialize device's zone info for seeding (CVE-2022-49831)

 In the Linux kernel, the following vulnerability has been resolved:

 udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)

 In the Linux kernel, the following vulnerability has been resolved:

 btrfs: fix match incorrectly in dev_args_match_device (CVE-2022-49849)

 In the Linux kernel, the following vulnerability has been resolved:

 net: macvlan: fix memory leaks of macvlan_common_newlink (CVE-2022-49853)

 In the Linux kernel, the following vulnerability has been resolved:

 ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network (CVE-2022-49865)

 In the Linux kernel, the following vulnerability has been resolved:

 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK (CVE-2022-49870)

 In the Linux kernel, the following vulnerability has been resolved:

 net: tun: Fix memory leaks of napi_get_frags (CVE-2022-49871)

 In the Linux kernel, the following vulnerability has been resolved:

 bpf: Fix wrong reg type conversion in release_reference() (CVE-2022-49873)

 In the Linux kernel, the following vulnerability has been resolved:

 HID: hyperv: fix possible memory leak in mousevsc_probe() (CVE-2022-49874)

 In the Linux kernel, the following vulnerability has been resolved:

 bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE (CVE-2022-49875)

 In the Linux kernel, the following vulnerability has been resolved:

 bpf, verifier: Fix memory leak in array reallocation for stack state (CVE-2022-49878)

 In the Linux kernel, the following vulnerability has been resolved:

 ext4: fix BUG_ON() when directory entry has invalid rec_len (CVE-2022-49879)

 In the Linux kernel, the following vulnerability has been resolved:

 ext4: fix warning in 'ext4_da_release_space' (CVE-2022-49880)

 In the Linux kernel, the following vulnerability has been resolved:

 ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() (CVE-2022-49885)

 In the Linux kernel, the following vulnerability has been resolved:

 arm64: entry: avoid kprobe recursion (CVE-2022-49888)

 In the Linux kernel, the following vulnerability has been resolved:

 capabilities: fix potential memleak on error path from vfs_getxattr_alloc() (CVE-2022-49890)

 In the Linux kernel, the following vulnerability has been resolved:

 ftrace: Fix use-after-free for dynamic ftrace_ops (CVE-2022-49892)

 In the Linux kernel, the following vulnerability has been resolved:

 btrfs: fix tree mod log mishandling of reallocated nodes (CVE-2022-49898)

 In the Linux kernel, the following vulnerability has been resolved:

 fscrypt: stop using keyrings subsystem for fscrypt_master_key (CVE-2022-49899)

 In the Linux kernel, the following vulnerability has been resolved:

 block: Fix possible memory leak for rq_wb on add_disk failure (CVE-2022-49902)

 In the Linux kernel, the following vulnerability has been resolved:

 ipv6: fix WARNING in ip6_route_net_exit_late() (CVE-2022-49903)

 In the Linux kernel, the following vulnerability has been resolved:

 net/smc: Fix possible leaked pernet namespace in smc_init() (CVE-2022-49905)

 In the Linux kernel, the following vulnerability has been resolved:

 net: mdio: fix undefined behavior in bit shift for __mdiobus_register (CVE-2022-49907)

 In the Linux kernel, the following vulnerability has been resolved:

 netfilter: ipset: enforce documented limit to prevent allocating huge memory (CVE-2022-49911)

 In the Linux kernel, the following vulnerability has been resolved:

 btrfs: fix ulist leaks in error paths of qgroup self tests (CVE-2022-49912)

 In the Linux kernel, the following vulnerability has been resolved:

 btrfs: fix inode list leak during backref walking at find_parent_nodes() (CVE-2022-49913)

 In the Linux kernel, the following vulnerability has been resolved:

 btrfs: fix inode list leak during backref walking at resolve_indirect_refs() (CVE-2022-49914)

 In the Linux kernel, the following vulnerability has been resolved:

 mISDN: fix possible memory leak in mISDN_register_device() (CVE-2022-49915)

 In the Linux kernel, the following vulnerability has been resolved:

 ipvs: fix WARNING in ip_vs_app_net_cleanup() (CVE-2022-49917)

 In the Linux kernel, the following vulnerability has been resolved:

 ipvs: fix WARNING in __ip_vs_cleanup_batch() (CVE-2022-49918)

 In the Linux kernel, the following vulnerability has been resolved:

 netfilter: nf_tables: release flow rule object from commit path (CVE-2022-49919)

 In the Linux kernel, the following vulnerability has been resolved:

 netfilter: nf_tables: netlink notifier might race to release objects (CVE-2022-49920)

 In the Linux kernel, the following vulnerability has been resolved:

 RDMA/core: Fix null-ptr-deref in ib_core_cleanup() (CVE-2022-49925)

 In the Linux kernel, the following vulnerability has been resolved:

 nfs4: Fix kmemleak when allocate slot failed (CVE-2022-49927)

 In the Linux kernel, the following vulnerability has been resolved:

 SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed (CVE-2022-49928)

 A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. (CVE-2023-0590)

 An out-of-bounds memory access flaw was found in the Linux kernel's TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2023-3812)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update kernel' to update your system.

See Also

https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2022-011.html

https://alas.aws.amazon.com/faqs.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3435.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3524.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3543.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3564.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3619.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3623.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49831.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49846.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49849.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49853.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49865.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49870.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49871.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49873.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49874.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49875.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49878.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49879.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49880.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49885.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49888.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49890.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49892.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49898.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49899.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49902.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49903.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49905.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49907.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49911.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49912.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49913.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49914.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49915.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49917.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49918.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49919.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49920.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49925.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49927.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49928.html

https://alas.aws.amazon.com/cve/html/CVE-2023-0590.html

https://alas.aws.amazon.com/cve/html/CVE-2023-3812.html

Plugin Details

Severity: High

ID: 168507

File Name: al2_ALASKERNEL-5_15-2022-011.nasl

Version: 1.13

Type: local

Agent: unix

Published: 12/8/2022

Updated: 6/23/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.1

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2022-3623

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2023-3812

Vulnerability Information

CPE: cpe:/o:amazon:linux:2, p-cpe:/a:amazon:linux:kernel-livepatch-5.15.79-51.138, p-cpe:/a:amazon:linux:python-perf, p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:kernel-headers, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:python-perf-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-debuginfo

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/1/2022

Vulnerability Publication Date: 10/17/2022

Reference Information

CVE: CVE-2022-3435, CVE-2022-3524, CVE-2022-3543, CVE-2022-3564, CVE-2022-3619, CVE-2022-3623, CVE-2022-49831, CVE-2022-49846, CVE-2022-49849, CVE-2022-49853, CVE-2022-49865, CVE-2022-49870, CVE-2022-49871, CVE-2022-49873, CVE-2022-49874, CVE-2022-49875, CVE-2022-49878, CVE-2022-49879, CVE-2022-49880, CVE-2022-49885, CVE-2022-49888, CVE-2022-49890, CVE-2022-49892, CVE-2022-49898, CVE-2022-49899, CVE-2022-49902, CVE-2022-49903, CVE-2022-49905, CVE-2022-49907, CVE-2022-49911, CVE-2022-49912, CVE-2022-49913, CVE-2022-49914, CVE-2022-49915, CVE-2022-49917, CVE-2022-49918, CVE-2022-49919, CVE-2022-49920, CVE-2022-49925, CVE-2022-49927, CVE-2022-49928, CVE-2023-0590, CVE-2023-3812