vulnerability

Amazon Linux AMI: CVE-2020-16119: Security patch for kernel (ALAS-2021-1539)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Oct 14, 2020	Oct 5, 2021	Oct 5, 2021

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Oct 14, 2020

Added

Oct 5, 2021

Modified

Oct 5, 2021

Description

Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.

Solution

amazon-linux-upgrade-kernel

References

AMAZON-ALAS-2021-1539
UBUNTU-USN-4576-1
UBUNTU-USN-4577-1
UBUNTU-USN-4578-1
UBUNTU-USN-4579-1
UBUNTU-USN-4580-1
NVD-CVE-2020-16119

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today