Synopsis
The remote Amazon Linux 2023 host is missing a security update.
Description
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-461 advisory.
2024-11-13: CVE-2023-52752 was added to this advisory.
2024-07-03: CVE-2023-52840 was added to this advisory.
2024-07-03: CVE-2023-6622 was added to this advisory.
2024-07-03: CVE-2023-52813 was added to this advisory.
2024-07-03: CVE-2023-52762 was added to this advisory.
2024-06-19: CVE-2023-52860 was added to this advisory.
2024-06-19: CVE-2023-52796 was added to this advisory.
2024-06-19: CVE-2023-52803 was added to this advisory.
2024-06-19: CVE-2023-52784 was added to this advisory.
2024-06-19: CVE-2023-52778 was added to this advisory.
2024-02-01: CVE-2024-0584 was added to this advisory.
2024-02-01: CVE-2024-0607 was added to this advisory.
2024-01-03: CVE-2023-6932 was added to this advisory.
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (CVE-2023-52752)
In the Linux kernel, the following vulnerability has been resolved:
virtio-blk: fix implicit overflow on virtio_max_dma_size (CVE-2023-52762)
In the Linux kernel, the following vulnerability has been resolved:
mptcp: deal with large GSO size (CVE-2023-52778)
In the Linux kernel, the following vulnerability has been resolved:
bonding: stop the device in bond_setup_by_slave() (CVE-2023-52784)
In the Linux kernel, the following vulnerability has been resolved:
ipvlan: add ipvlan_route_v6_outbound() helper (CVE-2023-52796)
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (CVE-2023-52803)
In the Linux kernel, the following vulnerability has been resolved:
crypto: pcrypt - Fix hungtask for PADATA_RESET (CVE-2023-52813)
In the Linux kernel, the following vulnerability has been resolved:
Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() (CVE-2023-52840)
In the Linux kernel, the following vulnerability has been resolved:
drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process (CVE-2023-52860)
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a catchall set element many times.
We recommend upgrading past commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630. (CVE-2023-6111)
A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service. (CVE-2023-6622)
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.
A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.
We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1. (CVE-2023-6932)
A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak. (CVE-2024-0584)
netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() (CVE-2024-0607)
Tenable has extracted the preceding description block directly from the tested product security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Run 'dnf update kernel --releasever 2023.3.20231211' to update your system.
Plugin Details
File Name: al2023_ALAS2023-2023-461.nasl
Agent: unix
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus
Risk Information
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:kernel-modules-extra, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:python3-perf, p-cpe:/a:amazon:linux:kernel-libbpf-static, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-libbpf, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-libbpf-devel, p-cpe:/a:amazon:linux:kernel-headers, p-cpe:/a:amazon:linux:kernel-livepatch-6.1.66-91.160, p-cpe:/a:amazon:linux:kernel-tools-devel, cpe:/o:amazon:linux:2023, p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:python3-perf-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64
Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 12/13/2023
Vulnerability Publication Date: 11/14/2023
Reference Information
CVE: CVE-2023-52752, CVE-2023-52762, CVE-2023-52778, CVE-2023-52784, CVE-2023-52796, CVE-2023-52803, CVE-2023-52813, CVE-2023-52840, CVE-2023-52860, CVE-2023-6111, CVE-2023-6622, CVE-2023-6932, CVE-2024-0584, CVE-2024-0607