vulnerability

Amazon Linux AMI 2: Security patch for kernel (ALAS-2021-1634)

Try Surface Command
Back to search
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
04/29/2021
Added
05/04/2021
Modified
02/19/2025

Description

A low severity issue was found in the Nitro Enclaves Linux kernel driver that could lead to local privilege escalation. The issue does not break the isolation or security of what is running inside the enclave as the Nitro Enclave's security model already excludes the instance running the Nitro Enclaves kernel driver from its trust boundary.For the issue to occur, the Nitro Enclaves kernel module needs to be loaded and in use, and Nitro Enclave (ne) group permissions are required. Only trusted Nitro Enclaves software runs with the ne group permissions, and no interactive logins are in the group by default. As a result, the only actors in a position to take advantage of this issue would already have to have root privileges. While this issue has no impact to Nitro Enclave's security or isolation properties, we recommend that customers update to the latest Kernel provided by Amazon Linux.

Solution(s)

amazon-linux-ami-2-upgrade-kernelamazon-linux-ami-2-upgrade-kernel-debuginfoamazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64amazon-linux-ami-2-upgrade-kernel-develamazon-linux-ami-2-upgrade-kernel-headersamazon-linux-ami-2-upgrade-kernel-livepatch-4-14-231-173-361amazon-linux-ami-2-upgrade-kernel-toolsamazon-linux-ami-2-upgrade-kernel-tools-debuginfoamazon-linux-ami-2-upgrade-kernel-tools-develamazon-linux-ami-2-upgrade-perfamazon-linux-ami-2-upgrade-perf-debuginfoamazon-linux-ami-2-upgrade-python-perfamazon-linux-ami-2-upgrade-python-perf-debuginfo

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today