vulnerability
Amazon Linux AMI 2: Security patch for filesystem (ALAS2-2019-1175)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:C/A:N) | Jul 9, 2025 | Jul 9, 2025 | Jul 9, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:C/A:N)
Published
Jul 9, 2025
Added
Jul 9, 2025
Modified
Jul 9, 2025
Description
Images built for the Amazon Linux 2.0.20190218 release included system files with incorrect permissions applied.
Incorrect permissions were applied to files including:/etc/fstab/etc/localtime/etc/image-id/etc/sysconfig/i18n/etc/sysconfig/clock/etc/sysconfig/keyboard/etc/sysctl.d/99-amazon.conf/var/lib/rpm/Packages All users should upgrade to this updated package which corrects permissions for these files if they are not already in the expected state. The latest Amazon Linux 2 AMIs, on-premises VM images, and Docker Hub listings already include these updates.
Solutions
amazon-linux-ami-2-upgrade-filesystemamazon-linux-ami-2-upgrade-filesystem-content
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.