Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2022-023 (ALASKERNEL-5.10-2022-023)

high Nessus Plugin ID 168520

Language:

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of kernel installed on the remote host is prior to 5.10.155-138.670. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-023 advisory.

A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-3759)

In the Linux kernel, the following vulnerability has been resolved:

inet: fully convert sk->sk_rx_dst to RCU rules (CVE-2021-47103)

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)

A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function bnx2x_tpa_stop of the file drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF.
The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211042 is the identifier assigned to this vulnerability. (CVE-2022-3542)

A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.
(CVE-2022-3594)

In the Linux kernel, the following vulnerability has been resolved:

arm64: topology: fix possible overflow in amu_fie_setup() (CVE-2022-48657)

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix use-after-free bug of ns_writer on remount (CVE-2022-49834)

In the Linux kernel, the following vulnerability has been resolved:

can: j1939: j1939_send_one(): fix missing CAN header initialization (CVE-2022-49845)

In the Linux kernel, the following vulnerability has been resolved:

udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix deadlock in nilfs_count_free_blocks() (CVE-2022-49850)

In the Linux kernel, the following vulnerability has been resolved:

net: macvlan: fix memory leaks of macvlan_common_newlink (CVE-2022-49853)

In the Linux kernel, the following vulnerability has been resolved:

tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header (CVE-2022-49862)

In the Linux kernel, the following vulnerability has been resolved:

can: af_can: fix NULL pointer dereference in can_rx_register() (CVE-2022-49863)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network (CVE-2022-49865)

In the Linux kernel, the following vulnerability has been resolved:

bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() (CVE-2022-49869)

In the Linux kernel, the following vulnerability has been resolved:

capabilities: fix undefined behavior in bit shift for CAP_TO_MASK (CVE-2022-49870)

In the Linux kernel, the following vulnerability has been resolved:

net: tun: Fix memory leaks of napi_get_frags (CVE-2022-49871)

In the Linux kernel, the following vulnerability has been resolved:

net: gso: fix panic on frag_list with mixed head alloc types (CVE-2022-49872)

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix wrong reg type conversion in release_reference() (CVE-2022-49873)

In the Linux kernel, the following vulnerability has been resolved:

HID: hyperv: fix possible memory leak in mousevsc_probe() (CVE-2022-49874)

In the Linux kernel, the following vulnerability has been resolved:

bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE (CVE-2022-49875)

In the Linux kernel, the following vulnerability has been resolved:

bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues (CVE-2022-49877)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix BUG_ON() when directory entry has invalid rec_len (CVE-2022-49879)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix warning in 'ext4_da_release_space' (CVE-2022-49880)

In the Linux kernel, the following vulnerability has been resolved:

ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() (CVE-2022-49885)

In the Linux kernel, the following vulnerability has been resolved:

capabilities: fix potential memleak on error path from vfs_getxattr_alloc() (CVE-2022-49890)

In the Linux kernel, the following vulnerability has been resolved:

ftrace: Fix use-after-free for dynamic ftrace_ops (CVE-2022-49892)

In the Linux kernel, the following vulnerability has been resolved:

fscrypt: stop using keyrings subsystem for fscrypt_master_key (CVE-2022-49899)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix WARNING in ip6_route_net_exit_late() (CVE-2022-49903)

In the Linux kernel, the following vulnerability has been resolved:

net, neigh: Fix null-ptr-deref in neigh_table_clear() (CVE-2022-49904)

In the Linux kernel, the following vulnerability has been resolved:

net: mdio: fix undefined behavior in bit shift for __mdiobus_register (CVE-2022-49907)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix ulist leaks in error paths of qgroup self tests (CVE-2022-49912)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix inode list leak during backref walking at find_parent_nodes() (CVE-2022-49913)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix inode list leak during backref walking at resolve_indirect_refs() (CVE-2022-49914)

In the Linux kernel, the following vulnerability has been resolved:

mISDN: fix possible memory leak in mISDN_register_device() (CVE-2022-49915)

In the Linux kernel, the following vulnerability has been resolved:

ipvs: fix WARNING in ip_vs_app_net_cleanup() (CVE-2022-49917)

In the Linux kernel, the following vulnerability has been resolved:

ipvs: fix WARNING in __ip_vs_cleanup_batch() (CVE-2022-49918)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: release flow rule object from commit path (CVE-2022-49919)

In the Linux kernel, the following vulnerability has been resolved:

net: sched: Fix use after free in red_enqueue() (CVE-2022-49921)

In the Linux kernel, the following vulnerability has been resolved:

RDMA/core: Fix null-ptr-deref in ib_core_cleanup() (CVE-2022-49925)

In the Linux kernel, the following vulnerability has been resolved:

nfs4: Fix kmemleak when allocate slot failed (CVE-2022-49927)

In the Linux kernel, the following vulnerability has been resolved:

binder: fix UAF of alloc->vma in race with munmap() (CVE-2022-50240)

In the Linux kernel, the following vulnerability has been resolved:

NFSD: fix use-after-free on source server when doing inter-server copy (CVE-2022-50241)

In the Linux kernel, the following vulnerability has been resolved:

sctp: handle the error returned from sctp_auth_asoc_init_active_key (CVE-2022-50243)

In the Linux kernel, the following vulnerability has been resolved:

xen/gntdev: Prevent leaking grants (CVE-2022-50257)

In the Linux kernel, the following vulnerability has been resolved:

kcm: annotate data-races around kcm->rx_wait (CVE-2022-50265)

In the Linux kernel, the following vulnerability has been resolved:

vhost/vsock: Use kvmalloc/kvfree for larger packets. (CVE-2022-50271)

In the Linux kernel, the following vulnerability has been resolved:

mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages (CVE-2022-50285)

In the Linux kernel, the following vulnerability has been resolved:

kcm: annotate data-races around kcm->rx_psock (CVE-2022-50291)

In the Linux kernel, the following vulnerability has been resolved:

md: Replace snprintf with scnprintf (CVE-2022-50299)

In the Linux kernel, the following vulnerability has been resolved:

nbd: Fix hung when signal interrupts nbd_start_device_ioctl() (CVE-2022-50314)

In the Linux kernel, the following vulnerability has been resolved:

ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS (CVE-2022-50315)

In the Linux kernel, the following vulnerability has been resolved:

jbd2: fix potential use-after-free in jbd2_fc_wait_bufs (CVE-2022-50328)

In the Linux kernel, the following vulnerability has been resolved:

crypto: cavium - prevent integer overflow loading firmware (CVE-2022-50330)

In the Linux kernel, the following vulnerability has been resolved:

binder: fix UAF of alloc->vma in race with munmap() (CVE-2022-50338)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix null-ptr-deref in ext4_write_info (CVE-2022-50344)

In the Linux kernel, the following vulnerability has been resolved:

nfsd: Fix a memory leak in an error handling path (CVE-2022-50348)

In the Linux kernel, the following vulnerability has been resolved:

net: hns: fix possible memory leak in hnae_ae_register() (CVE-2022-50352)

In the Linux kernel, the following vulnerability has been resolved:

net: sched: sfb: fix null pointer access issue when sfb_init() fails (CVE-2022-50356)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix race between quota enable and quota rescan ioctl (CVE-2022-50379)

In the Linux kernel, the following vulnerability has been resolved:

mm: /proc/pid/smaps_rollup: fix no vma's null-deref (CVE-2022-50380)

In the Linux kernel, the following vulnerability has been resolved:

net/ieee802154: reject zero-sized raw_sendmsg() (CVE-2022-50397)

In the Linux kernel, the following vulnerability has been resolved:

net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory (CVE-2022-50409)

In the Linux kernel, the following vulnerability has been resolved:

scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() (CVE-2022-50422)

In the Linux kernel, the following vulnerability has been resolved:

kernfs: fix use-after-free in __kernfs_remove (CVE-2022-50432)

In the Linux kernel, the following vulnerability has been resolved:

ext4: avoid crash when inline data creation follows DIO write (CVE-2022-50435)

In the Linux kernel, the following vulnerability has been resolved:

net: sched: cake: fix null pointer access issue when cake_init() fails (CVE-2022-50452)

In the Linux kernel, the following vulnerability has been resolved:

scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() (CVE-2022-50459)

In the Linux kernel, the following vulnerability has been resolved:

cifs: Fix xid leak in cifs_flock() (CVE-2022-50460)

In the Linux kernel, the following vulnerability has been resolved:

fs/binfmt_elf: Fix memory leak in load_elf_binary() (CVE-2022-50466)

In the Linux kernel, the following vulnerability has been resolved:

xhci: Remove device endpoints from bandwidth list when freeing the device (CVE-2022-50470)

In the Linux kernel, the following vulnerability has been resolved:

xen/gntdev: Accommodate VMA splitting (CVE-2022-50471)

In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Clean up si_domain in the init_dmars() error path (CVE-2022-50482)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix potential memory leak in ext4_fc_record_regions() (CVE-2022-50512)

In the Linux kernel, the following vulnerability has been resolved:

tipc: fix an information leak in tipc_topsrv_kern_subscr (CVE-2022-50531)

In the Linux kernel, the following vulnerability has been resolved:

usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() (CVE-2022-50544)

In the Linux kernel, the following vulnerability has been resolved:

tipc: fix a null-ptr-deref in tipc_topsrv_accept (CVE-2022-50555)

In the Linux kernel, the following vulnerability has been resolved:

xfrm: Update ipcomp_scratches with NULL when freed (CVE-2022-50569)

In the Linux kernel, the following vulnerability has been resolved:

arm64: ftrace: fix module PLTs with mcount (CVE-2022-50579)

In the Linux kernel, the following vulnerability has been resolved:

blk-throttle: prevent overflow while calculating wait time (CVE-2022-50580)

In the Linux kernel, the following vulnerability has been resolved:

regulator: core: Prevent integer underflow (CVE-2022-50582)

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. (CVE-2023-0590)

An out-of-bounds memory access flaw was found in the Linux kernel's TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2023-3812)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update kernel' or or 'yum update --advisory ALAS2KERNEL-5.10-2022-023' to update your system.

Plugin Details

Severity: High

ID: 168520

File Name: al2_ALASKERNEL-5_10-2022-023.nasl

Version: 1.23

Type: local

Agent: unix

Family: Amazon Linux Local Security Checks

Published: 12/8/2022

Updated: 11/6/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2023-3812

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:amazon:linux:2, p-cpe:/a:amazon:linux:python-perf, p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:kernel-livepatch-5.10.155-138.670, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-headers, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:python-perf-debuginfo, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:perf-debuginfo

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/1/2022

Vulnerability Publication Date: 2/11/2022

Reference Information

CVE: CVE-2021-3759, CVE-2021-47103, CVE-2022-3524, CVE-2022-3564, CVE-2022-3594, CVE-2022-48657, CVE-2022-49834, CVE-2022-49845, CVE-2022-49846, CVE-2022-49850, CVE-2022-49853, CVE-2022-49862, CVE-2022-49863, CVE-2022-49865, CVE-2022-49869, CVE-2022-49870, CVE-2022-49871, CVE-2022-49872, CVE-2022-49873, CVE-2022-49874, CVE-2022-49875, CVE-2022-49877, CVE-2022-49879, CVE-2022-49880, CVE-2022-49885, CVE-2022-49890, CVE-2022-49892, CVE-2022-49899, CVE-2022-49903, CVE-2022-49904, CVE-2022-49907, CVE-2022-49912, CVE-2022-49913, CVE-2022-49914, CVE-2022-49915, CVE-2022-49917, CVE-2022-49918, CVE-2022-49919, CVE-2022-49921, CVE-2022-49925, CVE-2022-49927, CVE-2022-50240, CVE-2022-50241, CVE-2022-50243, CVE-2022-50257, CVE-2022-50265, CVE-2022-50271, CVE-2022-50285, CVE-2022-50291, CVE-2022-50299, CVE-2022-50314, CVE-2022-50315, CVE-2022-50328, CVE-2022-50330, CVE-2022-50344, CVE-2022-50348, CVE-2022-50352, CVE-2022-50356, CVE-2022-50379, CVE-2022-50380, CVE-2022-50409, CVE-2022-50422, CVE-2022-50432, CVE-2022-50435, CVE-2022-50452, CVE-2022-50459, CVE-2022-50460, CVE-2022-50466, CVE-2022-50470, CVE-2022-50471, CVE-2022-50482, CVE-2022-50512, CVE-2022-50531, CVE-2022-50544, CVE-2022-50555, CVE-2022-50569, CVE-2022-50579, CVE-2022-50580, CVE-2022-50582, CVE-2023-0590, CVE-2023-3812

Detections

Analytics