Amazon Linux AMI 2: CVE-2023-3776: Security patch for kernel, kernel-livepatch-4.14.318-240.529, kernel-livepatch-4.14.318-241.531, kernel-livepatch-4.14.320-242.534, kernel-livepatch-5.10.179-171.711, kernel-livepatch-5.10.184-174.730, kernel-livepatch-5.10.184-175.731, kernel-livepatch-5.10.184-175.749 (Multiple Advisories)
Description
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 0323bce598eea038714f941ce2b22541c46d488f.
Solution(s)
- amazon-linux-ami-2-upgrade-bpftool
- amazon-linux-ami-2-upgrade-bpftool-debuginfo
- amazon-linux-ami-2-upgrade-kernel
- amazon-linux-ami-2-upgrade-kernel-debuginfo
- amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64
- amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64
- amazon-linux-ami-2-upgrade-kernel-devel
- amazon-linux-ami-2-upgrade-kernel-headers
- amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-318-240-529
- amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-318-240-529-debuginfo
- amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-318-241-531
- amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-318-241-531-debuginfo
- amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-320-242-534
- amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-320-242-534-debuginfo
- amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-320-243-544
- amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-171-711
- amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-171-711-debuginfo
- amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-184-174-730
- amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-184-174-730-debuginfo
- amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-184-175-731
- amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-184-175-731-debuginfo
- amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-184-175-749
- amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-184-175-749-debuginfo
- amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-186-179-751
- amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-122-77-145
- amazon-linux-ami-2-upgrade-kernel-tools
- amazon-linux-ami-2-upgrade-kernel-tools-debuginfo
- amazon-linux-ami-2-upgrade-kernel-tools-devel
- amazon-linux-ami-2-upgrade-perf
- amazon-linux-ami-2-upgrade-perf-debuginfo
- amazon-linux-ami-2-upgrade-python-perf
- amazon-linux-ami-2-upgrade-python-perf-debuginfo
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center