QID 354742
Date Published: 2023-02-10
QID 354742: Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-105
A vulnerability was found in linux kernel.
It has been declared as problematic.
Affected by this vulnerability is the function ipv6_renew_options of the component ipv6 handler.
The manipulation leads to memory leak.
The attack can be launched remotely.
It is recommended to apply a patch to fix this issue.
The identifier vdb-211021 was assigned to this vulnerability. (
( CVE-2022-3524) a vulnerability was found in linux kernel.
Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component bpf.
The manipulation leads to logging of excessive data.
The associated identifier of this vulnerability is vdb-211363. (
( CVE-2022-3594) a vulnerability was found in linux kernel.
Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component bpf.
The manipulation leads to race condition.
The identifier vdb-211921 was assigned to this vulnerability. (
( CVE-2022-3623) a missing check on user input in the _do_proc_dointvec function can result in a stack-based buffer overflow in the linux kernel, which can cause a crash or potentially escalate privileges. (
( CVE-2022-4378)
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Successful exploitation of this vulnerability could lead to a securitybreach or could affect integrity, availability, and confidentiality.
- ALAS2LIVEPATCH-2023-105 -
alas.aws.amazon.com/AL2/ALASLIVEPATCH-2023-105.html
CVEs related to QID 354742
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ALAS2LIVEPATCH-2023-105 | amazon linux 2 |
alas.aws.amazon.com/AL2/ALASLIVEPATCH-2023-105.html |