vulnerability

Amazon Linux 2023: CVE-2023-52640: Important priority package update for kernel

Try Surface Command
Back to search
Severity
6
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:C)
Published
Apr 3, 2024
Added
Feb 17, 2025
Modified
Jul 9, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fix oob in ntfs_listxattr
The length of name cannot exceed the space occupied by ea.
A vulnerability was found in the ntfs3 function in ntfs_list_ea() in the Linux kernel, where a missing check on the length of an attribute name could exceed the expected size of the extended attribute structure and cause an out-of-bounds error. This issue could result in memory corruption, data leakage, crashes, and arbitrary code execution.

Solutions

amazon-linux-2023-upgrade-bpftoolamazon-linux-2023-upgrade-bpftool-debuginfoamazon-linux-2023-upgrade-kernelamazon-linux-2023-upgrade-kernel-debuginfoamazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64amazon-linux-2023-upgrade-kernel-develamazon-linux-2023-upgrade-kernel-headersamazon-linux-2023-upgrade-kernel-libbpfamazon-linux-2023-upgrade-kernel-libbpf-develamazon-linux-2023-upgrade-kernel-libbpf-staticamazon-linux-2023-upgrade-kernel-livepatch-6-1-82-99-168amazon-linux-2023-upgrade-kernel-modules-extraamazon-linux-2023-upgrade-kernel-modules-extra-commonamazon-linux-2023-upgrade-kernel-toolsamazon-linux-2023-upgrade-kernel-tools-debuginfoamazon-linux-2023-upgrade-kernel-tools-develamazon-linux-2023-upgrade-perfamazon-linux-2023-upgrade-perf-debuginfoamazon-linux-2023-upgrade-python3-perfamazon-linux-2023-upgrade-python3-perf-debuginfo

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today