vulnerability
Amazon Linux AMI 2: Security patch for filesystem (ALAS-2019-1190)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:C/I:N/A:N) | Apr 17, 2019 | Apr 27, 2020 | Feb 20, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:C/I:N/A:N)
Published
Apr 17, 2019
Added
Apr 27, 2020
Modified
Feb 20, 2025
Description
Images built for the Amazon Linux 2.0.20190313 release included system files with incorrect permissions applied.
Incorrect permissions were applied to the following file:
/etc/shadow
All users should upgrade to this updated package which corrects permissions for these files if they are not already in the expected state.
Solutions
amazon-linux-ami-2-upgrade-filesystemamazon-linux-ami-2-upgrade-filesystem-content
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.