vulnerability
Amazon Linux AMI 2: CVE-2023-3090: Security patch for kernel, kernel-livepatch-4.14.313-235.533, kernel-livepatch-4.14.314-237.533, kernel-livepatch-4.14.314-238.539, kernel-livepatch-5.10.177-158.645, kernel-livepatch-5.10.178-162.673, kernel-livepatch-5.10.179-166.674, kernel-livepatch-5.10.179-168.710, kernel-livepatch-5.10.179-171.711 (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | 2023-06-28 | 2023-07-21 | 2025-02-20 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
2023-06-28
Added
2023-07-21
Modified
2025-02-20
Description
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.
The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.
We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.
Solution(s)
amazon-linux-ami-2-upgrade-bpftoolamazon-linux-ami-2-upgrade-bpftool-debuginfoamazon-linux-ami-2-upgrade-kernelamazon-linux-ami-2-upgrade-kernel-debuginfoamazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64amazon-linux-ami-2-upgrade-kernel-develamazon-linux-ami-2-upgrade-kernel-headersamazon-linux-ami-2-upgrade-kernel-livepatch-4-14-313-235-533amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-313-235-533-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-4-14-314-237-533amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-314-237-533-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-4-14-314-238-539amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-314-238-539-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-4-14-318-240-529amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-177-158-645amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-177-158-645-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-178-162-673amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-178-162-673-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-166-674amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-166-674-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-168-710amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-168-710-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-171-711amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-171-711-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-184-174-730amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-117-72-142amazon-linux-ami-2-upgrade-kernel-toolsamazon-linux-ami-2-upgrade-kernel-tools-debuginfoamazon-linux-ami-2-upgrade-kernel-tools-develamazon-linux-ami-2-upgrade-perfamazon-linux-ami-2-upgrade-perf-debuginfoamazon-linux-ami-2-upgrade-python-perfamazon-linux-ami-2-upgrade-python-perf-debuginfo
References
- AMAZON-AL2/ALAS-2023-2100
- AMAZON-AL2/ALASKERNEL-5.10-2023-034
- AMAZON-AL2/ALASKERNEL-5.15-2023-021
- AMAZON-AL2/ALASKERNEL-5.4-2023-047
- AMAZON-AL2/ALASLIVEPATCH-2023-134
- AMAZON-AL2/ALASLIVEPATCH-2023-135
- AMAZON-AL2/ALASLIVEPATCH-2023-136
- AMAZON-AL2/ALASLIVEPATCH-2023-137
- AMAZON-AL2/ALASLIVEPATCH-2023-138
- AMAZON-AL2/ALASLIVEPATCH-2023-139
- AMAZON-AL2/ALASLIVEPATCH-2023-140
- AMAZON-AL2/ALASLIVEPATCH-2023-141
- CVE-2023-3090
- https://attackerkb.com/topics/CVE-2023-3090
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.