Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-039)

high Nessus Plugin ID 168727

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of kernel installed on the remote host is prior to 5.4.224-128.414. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-039 advisory.

A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-3759)

In the Linux kernel, the following vulnerability has been resolved:

inet: fully convert sk->sk_rx_dst to RCU rules (CVE-2021-47103)

A use-after-free flaw was found in the Linux kernel's Unix socket Garbage Collection and io_uring. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2602)

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)

A vulnerability classified as problematic was found in Linux Kernel. Affected by this vulnerability is the function mvpp2_dbgfs_port_init of the file drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c of the component mvpp2. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier VDB-211033 was assigned to this vulnerability. (CVE-2022-3535)

A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function bnx2x_tpa_stop of the file drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF.
The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211042 is the identifier assigned to this vulnerability. (CVE-2022-3542)

A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088. (CVE-2022-3565)

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.
(CVE-2022-3594)

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use- after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect. (CVE-2022-41849)

roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. (CVE-2022-41850)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix BUG_ON() when directory entry has invalid rec_len (CVE-2022-49879)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix warning in 'ext4_da_release_space' (CVE-2022-49880)

In the Linux kernel, the following vulnerability has been resolved:

capabilities: fix potential memleak on error path from vfs_getxattr_alloc() (CVE-2022-49890)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix WARNING in ip6_route_net_exit_late() (CVE-2022-49903)

In the Linux kernel, the following vulnerability has been resolved:

net: mdio: fix undefined behavior in bit shift for __mdiobus_register (CVE-2022-49907)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix ulist leaks in error paths of qgroup self tests (CVE-2022-49912)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix inode list leak during backref walking at find_parent_nodes() (CVE-2022-49913)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix inode list leak during backref walking at resolve_indirect_refs() (CVE-2022-49914)

In the Linux kernel, the following vulnerability has been resolved:

mISDN: fix possible memory leak in mISDN_register_device() (CVE-2022-49915)

In the Linux kernel, the following vulnerability has been resolved:

ipvs: fix WARNING in ip_vs_app_net_cleanup() (CVE-2022-49917)

In the Linux kernel, the following vulnerability has been resolved:

ipvs: fix WARNING in __ip_vs_cleanup_batch() (CVE-2022-49918)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: release flow rule object from commit path (CVE-2022-49919)

In the Linux kernel, the following vulnerability has been resolved:

RDMA/core: Fix null-ptr-deref in ib_core_cleanup() (CVE-2022-49925)

In the Linux kernel, the following vulnerability has been resolved:

nfs4: Fix kmemleak when allocate slot failed (CVE-2022-49927)

An out-of-bounds memory access flaw was found in the Linux kernel's TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2023-3812)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update kernel' to update your system.

See Also

https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-039.html

https://alas.aws.amazon.com/faqs.html

https://alas.aws.amazon.com/cve/html/CVE-2021-3759.html

https://alas.aws.amazon.com/cve/html/CVE-2021-47103.html

https://alas.aws.amazon.com/cve/html/CVE-2022-2602.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3524.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3535.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3542.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3564.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3565.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3594.html

https://alas.aws.amazon.com/cve/html/CVE-2022-3649.html

https://alas.aws.amazon.com/cve/html/CVE-2022-41849.html

https://alas.aws.amazon.com/cve/html/CVE-2022-41850.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49879.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49880.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49890.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49903.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49907.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49912.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49913.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49914.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49915.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49917.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49918.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49919.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49925.html

https://alas.aws.amazon.com/cve/html/CVE-2022-49927.html

https://alas.aws.amazon.com/cve/html/CVE-2023-3812.html

Plugin Details

Severity: High

ID: 168727

File Name: al2_ALASKERNEL-5_4-2022-039.nasl

Version: 1.9

Type: local

Agent: unix

Published: 12/14/2022

Updated: 6/23/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2023-3812

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:python-perf-debuginfo, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-headers, cpe:/o:amazon:linux:2, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:python-perf

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/1/2022

Vulnerability Publication Date: 2/11/2022

Reference Information

CVE: CVE-2021-3759, CVE-2021-47103, CVE-2022-2602, CVE-2022-3524, CVE-2022-3535, CVE-2022-3542, CVE-2022-3564, CVE-2022-3565, CVE-2022-3594, CVE-2022-3649, CVE-2022-41849, CVE-2022-41850, CVE-2022-49879, CVE-2022-49880, CVE-2022-49890, CVE-2022-49903, CVE-2022-49907, CVE-2022-49912, CVE-2022-49913, CVE-2022-49914, CVE-2022-49915, CVE-2022-49917, CVE-2022-49918, CVE-2022-49919, CVE-2022-49925, CVE-2022-49927, CVE-2023-3812