Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-023)

high Nessus Plugin ID 168520

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of kernel installed on the remote host is prior to 5.10.155-138.670. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-023 advisory.

A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-3759)

In the Linux kernel, the following vulnerability has been resolved:

inet: fully convert sk->sk_rx_dst to RCU rules (CVE-2021-47103)

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)

A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function bnx2x_tpa_stop of the file drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF.
The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211042 is the identifier assigned to this vulnerability. (CVE-2022-3542)

A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.
(CVE-2022-3594)

In the Linux kernel, the following vulnerability has been resolved:

arm64: topology: fix possible overflow in amu_fie_setup() (CVE-2022-48657)

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix use-after-free bug of ns_writer on remount (CVE-2022-49834)

In the Linux kernel, the following vulnerability has been resolved:

can: j1939: j1939_send_one(): fix missing CAN header initialization (CVE-2022-49845)

In the Linux kernel, the following vulnerability has been resolved:

udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix deadlock in nilfs_count_free_blocks() (CVE-2022-49850)

In the Linux kernel, the following vulnerability has been resolved:

net: macvlan: fix memory leaks of macvlan_common_newlink (CVE-2022-49853)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network (CVE-2022-49865)

In the Linux kernel, the following vulnerability has been resolved:

bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() (CVE-2022-49869)

In the Linux kernel, the following vulnerability has been resolved:

capabilities: fix undefined behavior in bit shift for CAP_TO_MASK (CVE-2022-49870)

In the Linux kernel, the following vulnerability has been resolved:

net: tun: Fix memory leaks of napi_get_frags (CVE-2022-49871)

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix wrong reg type conversion in release_reference() (CVE-2022-49873)

In the Linux kernel, the following vulnerability has been resolved:

HID: hyperv: fix possible memory leak in mousevsc_probe() (CVE-2022-49874)

In the Linux kernel, the following vulnerability has been resolved:

bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE (CVE-2022-49875)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix BUG_ON() when directory entry has invalid rec_len (CVE-2022-49879)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix warning in 'ext4_da_release_space' (CVE-2022-49880)

In the Linux kernel, the following vulnerability has been resolved:

ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() (CVE-2022-49885)

In the Linux kernel, the following vulnerability has been resolved:

capabilities: fix potential memleak on error path from vfs_getxattr_alloc() (CVE-2022-49890)

In the Linux kernel, the following vulnerability has been resolved:

ftrace: Fix use-after-free for dynamic ftrace_ops (CVE-2022-49892)

In the Linux kernel, the following vulnerability has been resolved:

fscrypt: stop using keyrings subsystem for fscrypt_master_key (CVE-2022-49899)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix WARNING in ip6_route_net_exit_late() (CVE-2022-49903)

In the Linux kernel, the following vulnerability has been resolved:

net: mdio: fix undefined behavior in bit shift for __mdiobus_register (CVE-2022-49907)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix ulist leaks in error paths of qgroup self tests (CVE-2022-49912)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix inode list leak during backref walking at find_parent_nodes() (CVE-2022-49913)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix inode list leak during backref walking at resolve_indirect_refs() (CVE-2022-49914)

In the Linux kernel, the following vulnerability has been resolved:

mISDN: fix possible memory leak in mISDN_register_device() (CVE-2022-49915)

In the Linux kernel, the following vulnerability has been resolved:

ipvs: fix WARNING in ip_vs_app_net_cleanup() (CVE-2022-49917)

In the Linux kernel, the following vulnerability has been resolved:

ipvs: fix WARNING in __ip_vs_cleanup_batch() (CVE-2022-49918)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: release flow rule object from commit path (CVE-2022-49919)

In the Linux kernel, the following vulnerability has been resolved:

RDMA/core: Fix null-ptr-deref in ib_core_cleanup() (CVE-2022-49925)

In the Linux kernel, the following vulnerability has been resolved:

nfs4: Fix kmemleak when allocate slot failed (CVE-2022-49927)

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. (CVE-2023-0590)

An out-of-bounds memory access flaw was found in the Linux kernel's TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2023-3812)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update kernel' to update your system.

See Also

https://alas.aws.amazon.com/cve/html/CVE-2022-49870.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49871.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49873.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49874.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49875.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49879.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49880.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49885.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49890.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49892.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49899.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49903.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49907.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49912.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49913.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49914.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49915.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49917.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49918.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49919.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49925.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49927.html

https://alas.aws.amazon.com/cve/html/CVE-2023-0590.html

https://alas.aws.amazon.com/cve/html/CVE-2023-3812.html

https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-023.html

https://alas.aws.amazon.com/faqs.html

https://alas.aws.amazon.com/cve/html/CVE-2021-3759.html

https://alas.aws.amazon.com/cve/html/CVE-2021-47103.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3524.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3542.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3564.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3594.html

https://alas.aws.amazon.com/cve/html/CVE-2022-48657.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49834.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49845.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49846.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49850.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49853.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49865.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49869.html

Plugin Details

Severity: High

ID: 168520

File Name: al2_ALASKERNEL-5_10-2022-023.nasl

Version: 1.10

Type: local

Agent: unix

Published: 12/8/2022

Updated: 6/23/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2023-3812

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:kernel-livepatch-5.10.155-138.670, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:python-perf-debuginfo, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-headers, cpe:/o:amazon:linux:2, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:python-perf

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/1/2022

Vulnerability Publication Date: 2/11/2022

Reference Information

CVE: CVE-2021-3759, CVE-2021-47103, CVE-2022-3524, CVE-2022-3542, CVE-2022-3564, CVE-2022-3594, CVE-2022-48657, CVE-2022-49834, CVE-2022-49845, CVE-2022-49846, CVE-2022-49850, CVE-2022-49853, CVE-2022-49865, CVE-2022-49869, CVE-2022-49870, CVE-2022-49871, CVE-2022-49873, CVE-2022-49874, CVE-2022-49875, CVE-2022-49879, CVE-2022-49880, CVE-2022-49885, CVE-2022-49890, CVE-2022-49892, CVE-2022-49899, CVE-2022-49903, CVE-2022-49907, CVE-2022-49912, CVE-2022-49913, CVE-2022-49914, CVE-2022-49915, CVE-2022-49917, CVE-2022-49918, CVE-2022-49919, CVE-2022-49925, CVE-2022-49927, CVE-2023-0590, CVE-2023-3812