Amazon Linux AMI : kernel (ALAS-2017-782)
High Nessus Plugin ID 96284
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionA flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650)
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device. (CVE-2016-9576)
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.
A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out of bounds read by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). (CVE-2016-8399)
Algorithms not compatible with mcryptd could be spawned by mcryptd with a direct crypto_alloc_tfm invocation using a 'mcryptd(alg)' name construct. This causes mcryptd to crash the kernel if an arbitrary 'alg' is incompatible and not intended to be used with mcryptd.
(Updated on 2017-01-19: CVE-2016-8399 was fixed in this release but was previously not part of this errata.)
(Updated on 2017-02-22: CVE-2016-10147 was fixed in this release but was previously not part of this errata.)
SolutionRun 'yum update kernel' to update your system. You will need to reboot your system in order for the new kernel to be running.