vulnerability

Amazon Linux AMI: CVE-2016-10229: Security patch for kernel (ALAS-2017-832)

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Apr 4, 2017
Added
May 31, 2017
Modified
Oct 14, 2022

Description

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

Solution

amazon-linux-upgrade-kernel
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.