Detections
Analytics
Amazon Linux 2 : aws-cfn-bootstrap, --advisory ALAS2-2025-3104 (ALAS-2025-3104)
medium Nessus Plugin ID 281817
Language:
Synopsis
The remote Amazon Linux 2 host is missing a security update.Description
The version of aws-cfn-bootstrap installed on the remote host is prior to 2.0-38. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3104 advisory.Issue summary: A timing side-channel which could potentially allow recoveringthe private key exists in the ECDSA signature computation.
Impact summary: A timing side-channel in ECDSA signature computationscould allow recovering the private key by an attacker. However, measuringthe timing would require either local access to the signing application ora very fast network connection with low latency.
There is a timing signal of around 300 nanoseconds when the top word ofthe inverted ECDSA nonce value is zero. This can happen with significantprobability only for some of the supported elliptic curves. In particularthe NIST P-521 curve is affected. To be able to measure this leak, the attackerprocess must either be located in the same physical computer or musthave a very fast network connection with low latency. For that reasonthe severity of this vulnerability is Low. (CVE-2024-13176)
Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session. (CVE-2024-47081)
Issue summary: An application trying to decrypt CMS messages encrypted usingpassword based encryption can trigger an out-of-bounds read and write.
Impact summary: This out-of-bounds read may trigger a crash which leads toDenial of Service for an application. The out-of-bounds write can causea memory corruption which can have various consequences includinga Denial of Service or Execution of attacker-supplied code.
Although the consequences of a successful exploit of this vulnerabilitycould be severe, the probability that the attacker would be able toperform it is low. Besides, password based (PWRI) encryption support in CMSmessages is very rarely used. For that reason the issue was assessed asModerate severity according to our Security Policy.
The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by thisissue, as the CMS implementation is outside the OpenSSL FIPS moduleboundary. (CVE-2025-9230)
Tenable has extracted the preceding description block directly from the tested product security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Run 'yum update aws-cfn-bootstrap' or or 'yum update --advisory ALAS2-2025-3104' to update your system.See Also
https://alas.aws.amazon.com//AL2/ALAS2-2025-3104.html
https://alas.aws.amazon.com/faqs.html
https://explore.alas.aws.amazon.com/CVE-2024-13176.html
Plugin Details
Severity: Medium
ID: 281817
File Name: al2_ALAS-2025-3104.nasl
Version: 1.1
Type: local
Agent: unix
Published: 1/5/2026
Updated: 1/5/2026
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: High
Base Score: 7.1
Temporal Score: 5.3
Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2025-9230
CVSS v3
Risk Factor: Medium
Base Score: 5.3
Temporal Score: 4.6
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS Score Source: CVE-2024-47081
Vulnerability Information
CPE: p-cpe:/a:amazon:linux:aws-cfn-bootstrap, cpe:/o:amazon:linux:2
Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 1/5/2026
Vulnerability Publication Date: 4/9/2024