vulnerability
Amazon Linux AMI 2: CVE-2024-0217: Security patch for PackageKit (ALAS-2025-2811)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:S/C:N/I:N/A:P) | Jan 3, 2024 | Apr 2, 2025 | Apr 2, 2025 |
Severity
2
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:P)
Published
Jan 3, 2024
Added
Apr 2, 2025
Modified
Apr 2, 2025
Description
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any previously stored data in this memory region is considered lost.
Solutions
amazon-linux-ami-2-upgrade-packagekitamazon-linux-ami-2-upgrade-packagekit-command-not-foundamazon-linux-ami-2-upgrade-packagekit-cronamazon-linux-ami-2-upgrade-packagekit-debuginfoamazon-linux-ami-2-upgrade-packagekit-glibamazon-linux-ami-2-upgrade-packagekit-glib-develamazon-linux-ami-2-upgrade-packagekit-gstreamer-pluginamazon-linux-ami-2-upgrade-packagekit-gtk3-moduleamazon-linux-ami-2-upgrade-packagekit-yumamazon-linux-ami-2-upgrade-packagekit-yum-plugin
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.