vulnerability
Amazon Linux AMI 2: Security patch for filesystem (ALAS-2019-1175)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:C/I:N/A:N) | Mar 14, 2019 | Apr 27, 2020 | Feb 20, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:N)
Published
Mar 14, 2019
Added
Apr 27, 2020
Modified
Feb 20, 2025
Description
Images built for the Amazon Linux 2.0.20190218 release included system files with incorrect permissions applied.
Incorrect permissions were applied to files including:/etc/fstab/etc/localtime/etc/image-id/etc/sysconfig/i18n/etc/sysconfig/clock/etc/sysconfig/keyboard/etc/sysctl.d/99-amazon.conf/var/lib/rpm/Packages All users should upgrade to this updated package which corrects permissions for these files if they are not already in the expected state. The latest Amazon Linux 2 AMIs, on-premises VM images, and Docker Hub listings already include these updates.
Solutions
amazon-linux-ami-2-upgrade-filesystemamazon-linux-ami-2-upgrade-filesystem-content
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.