Rapid7 Vulnerability & Exploit Database

Amazon Linux AMI 2: Security patch for kernel-livepatch-4.14.219-161.340 (ALASLIVEPATCH-2021-046)

Back to Search

Amazon Linux AMI 2: Security patch for kernel-livepatch-4.14.219-161.340 (ALASLIVEPATCH-2021-046)

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
04/29/2021
Created
05/05/2021
Added
05/04/2021
Modified
05/04/2021

Description

A low severity issue was found in the Nitro Enclaves Linux kernel driver that could lead to local privilege escalation. The issue does not break the isolation or security of what is running inside the enclave as the Nitro Enclave's security model already excludes the instance running the Nitro Enclaves kernel driver from its trust boundary.

For the issue to occur, the Nitro Enclaves kernel module needs to be loaded and in use, and Nitro Enclave (ne) group permissions are required. Only trusted Nitro Enclaves software runs with the ne group permissions, and no interactive logins are in the group by default. As a result, the only actors in a position to take advantage of this issue would already have to have root privileges. While this issue has no impact to Nitro Enclave's security or isolation properties, we recommend that customers update to the latest Kernel provided by Amazon Linux.

Solution(s)

  • amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-219-161-340
  • amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-219-161-340-debuginfo

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;