VULNERABILITY

Amazon Linux AMI 2: CVE-2024-50230: Security patch for kernel, kernel-livepatch-5.10.227-219.884, kernel-livepatch-5.10.228-219.884 (Multiple Advisories)

Try Surface Command Get a continuous 360° view of your attack surface
Back to Search

Amazon Linux AMI 2: CVE-2024-50230: Security patch for kernel, kernel-livepatch-5.10.227-219.884, kernel-livepatch-5.10.228-219.884 (Multiple Advisories)

Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
11/09/2024
Created
01/28/2025
Added
01/27/2025
Modified
02/05/2025

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, __block_write_begin_int(), which is called to prepare block writes, may fail the BUG_ON check for accesses exceeding the folio/page size, triggering a kernel bug. This was found to be because the "checked" flag of a page/folio was not cleared when it was discarded by nilfs2's own routine, which causes the sanity check of directory entries to be skipped when the directory page/folio is reloaded. So, fix that. This was necessary when the use of nilfs2's own page discard routine was applied to more than just metadata files.

Solution(s)

  • amazon-linux-ami-2-upgrade-bpftool
  • amazon-linux-ami-2-upgrade-bpftool-debuginfo
  • amazon-linux-ami-2-upgrade-kernel
  • amazon-linux-ami-2-upgrade-kernel-debuginfo
  • amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64
  • amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64
  • amazon-linux-ami-2-upgrade-kernel-devel
  • amazon-linux-ami-2-upgrade-kernel-headers
  • amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-355-275-582
  • amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-227-219-884
  • amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-228-219-884
  • amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-230-223-885
  • amazon-linux-ami-2-upgrade-kernel-tools
  • amazon-linux-ami-2-upgrade-kernel-tools-debuginfo
  • amazon-linux-ami-2-upgrade-kernel-tools-devel
  • amazon-linux-ami-2-upgrade-perf
  • amazon-linux-ami-2-upgrade-perf-debuginfo
  • amazon-linux-ami-2-upgrade-python-perf
  • amazon-linux-ami-2-upgrade-python-perf-debuginfo

References

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;