vulnerability

Amazon Linux AMI 2: CVE-2023-5197: Security patch for kernel, kernel-livepatch-5.10.192-182.736, kernel-livepatch-5.10.192-183.736, kernel-livepatch-5.10.196-185.743 (Multiple Advisories)

Try Surface Command
Back to search
Severity
6
CVSS
(AV:L/AC:L/Au:S/C:P/I:P/A:C)
Published
Sep 27, 2023
Added
Oct 18, 2023
Modified
Feb 20, 2025

Description

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.

We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.

Solutions

amazon-linux-ami-2-upgrade-bpftoolamazon-linux-ami-2-upgrade-bpftool-debuginfoamazon-linux-ami-2-upgrade-kernelamazon-linux-ami-2-upgrade-kernel-debuginfoamazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64amazon-linux-ami-2-upgrade-kernel-develamazon-linux-ami-2-upgrade-kernel-headersamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-192-182-736amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-192-182-736-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-192-183-736amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-192-183-736-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-196-185-743amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-196-185-743-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-197-186-748amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-134-87-145amazon-linux-ami-2-upgrade-kernel-toolsamazon-linux-ami-2-upgrade-kernel-tools-debuginfoamazon-linux-ami-2-upgrade-kernel-tools-develamazon-linux-ami-2-upgrade-perfamazon-linux-ami-2-upgrade-perf-debuginfoamazon-linux-ami-2-upgrade-python-perfamazon-linux-ami-2-upgrade-python-perf-debuginfo

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today