vulnerability

Amazon Linux AMI: CVE-2017-0553: Security patch for libnl3 (ALAS-2017-876)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:H/Au:N/C:C/I:C/A:C)	2017-04-07	2017-09-01	2020-03-02

Severity

CVSS

(AV:N/AC:H/Au:N/C:C/I:C/A:C)

Published

2017-04-07

Added

2017-09-01

Modified

2020-03-02

Description

An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. NOTE: this issue also exists in the upstream libnl before 3.3.0 library.

Solution

amazon-linux-upgrade-libnl3

References

AMAZON-ALAS-2017-876
UBUNTU-USN-3311-1
UBUNTU-USN-3311-2
NVD-CVE-2017-0553
DEBIAN-DLA-891-1
DEBIAN-DLA-892-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today