vulnerability

Amazon Linux AMI: CVE-2018-7995: Security patch for kernel (ALAS-2018-1023)

Severity
5
CVSS
(AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published
Mar 9, 2018
Added
Jan 25, 2019
Modified
Oct 14, 2022

Description

** DISPUTED ** Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck directory. NOTE: a third party has indicated that this report is not security relevant.

Solution

amazon-linux-upgrade-kernel
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.