ALAS2KERNEL-5.15-2022-011


Amazon Linux 2 Security Advisory: ALAS2KERNEL-5.15-2022-011
Advisory Released Date: 2022-12-08
Advisory Updated Date: 2025-06-27
Severity: Important

Issue Overview:

A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability. (CVE-2022-3435)

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)

A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043. (CVE-2022-3543)

A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211918 is the identifier assigned to this vulnerability. (CVE-2022-3619)

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability. (CVE-2022-3623)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: zoned: initialize device's zone info for seeding (CVE-2022-49831)

In the Linux kernel, the following vulnerability has been resolved:

udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix match incorrectly in dev_args_match_device (CVE-2022-49849)

In the Linux kernel, the following vulnerability has been resolved:

net: macvlan: fix memory leaks of macvlan_common_newlink (CVE-2022-49853)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network (CVE-2022-49865)

In the Linux kernel, the following vulnerability has been resolved:

capabilities: fix undefined behavior in bit shift for CAP_TO_MASK (CVE-2022-49870)

In the Linux kernel, the following vulnerability has been resolved:

net: tun: Fix memory leaks of napi_get_frags (CVE-2022-49871)

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix wrong reg type conversion in release_reference() (CVE-2022-49873)

In the Linux kernel, the following vulnerability has been resolved:

HID: hyperv: fix possible memory leak in mousevsc_probe() (CVE-2022-49874)

In the Linux kernel, the following vulnerability has been resolved:

bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE (CVE-2022-49875)

In the Linux kernel, the following vulnerability has been resolved:

bpf, verifier: Fix memory leak in array reallocation for stack state (CVE-2022-49878)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix BUG_ON() when directory entry has invalid rec_len (CVE-2022-49879)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix warning in 'ext4_da_release_space' (CVE-2022-49880)

In the Linux kernel, the following vulnerability has been resolved:

ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() (CVE-2022-49885)

In the Linux kernel, the following vulnerability has been resolved:

arm64: entry: avoid kprobe recursion (CVE-2022-49888)

In the Linux kernel, the following vulnerability has been resolved:

capabilities: fix potential memleak on error path from vfs_getxattr_alloc() (CVE-2022-49890)

In the Linux kernel, the following vulnerability has been resolved:

ftrace: Fix use-after-free for dynamic ftrace_ops (CVE-2022-49892)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix tree mod log mishandling of reallocated nodes (CVE-2022-49898)

In the Linux kernel, the following vulnerability has been resolved:

fscrypt: stop using keyrings subsystem for fscrypt_master_key (CVE-2022-49899)

In the Linux kernel, the following vulnerability has been resolved:

block: Fix possible memory leak for rq_wb on add_disk failure (CVE-2022-49902)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix WARNING in ip6_route_net_exit_late() (CVE-2022-49903)

In the Linux kernel, the following vulnerability has been resolved:

net/smc: Fix possible leaked pernet namespace in smc_init() (CVE-2022-49905)

In the Linux kernel, the following vulnerability has been resolved:

net: mdio: fix undefined behavior in bit shift for __mdiobus_register (CVE-2022-49907)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ipset: enforce documented limit to prevent allocating huge memory (CVE-2022-49911)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix ulist leaks in error paths of qgroup self tests (CVE-2022-49912)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix inode list leak during backref walking at find_parent_nodes() (CVE-2022-49913)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix inode list leak during backref walking at resolve_indirect_refs() (CVE-2022-49914)

In the Linux kernel, the following vulnerability has been resolved:

mISDN: fix possible memory leak in mISDN_register_device() (CVE-2022-49915)

In the Linux kernel, the following vulnerability has been resolved:

ipvs: fix WARNING in ip_vs_app_net_cleanup() (CVE-2022-49917)

In the Linux kernel, the following vulnerability has been resolved:

ipvs: fix WARNING in __ip_vs_cleanup_batch() (CVE-2022-49918)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: release flow rule object from commit path (CVE-2022-49919)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: netlink notifier might race to release objects (CVE-2022-49920)

In the Linux kernel, the following vulnerability has been resolved:

net: sched: Fix use after free in red_enqueue() (CVE-2022-49921)

In the Linux kernel, the following vulnerability has been resolved:

RDMA/core: Fix null-ptr-deref in ib_core_cleanup() (CVE-2022-49925)

In the Linux kernel, the following vulnerability has been resolved:

nfs4: Fix kmemleak when allocate slot failed (CVE-2022-49927)

In the Linux kernel, the following vulnerability has been resolved:

SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed (CVE-2022-49928)

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. (CVE-2023-0590)

An out-of-bounds memory access flaw was found in the Linux kernel's TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2023-3812)


Affected Packages:

kernel


Note:

This advisory is applicable to Amazon Linux 2 - Kernel-5.15 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.


Issue Correction:
Run yum update kernel to update your system.

New Packages:
aarch64:
    kernel-5.15.79-51.138.amzn2.aarch64
    kernel-headers-5.15.79-51.138.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.15.79-51.138.amzn2.aarch64
    perf-5.15.79-51.138.amzn2.aarch64
    perf-debuginfo-5.15.79-51.138.amzn2.aarch64
    python-perf-5.15.79-51.138.amzn2.aarch64
    python-perf-debuginfo-5.15.79-51.138.amzn2.aarch64
    kernel-tools-5.15.79-51.138.amzn2.aarch64
    kernel-tools-devel-5.15.79-51.138.amzn2.aarch64
    kernel-tools-debuginfo-5.15.79-51.138.amzn2.aarch64
    bpftool-5.15.79-51.138.amzn2.aarch64
    bpftool-debuginfo-5.15.79-51.138.amzn2.aarch64
    kernel-devel-5.15.79-51.138.amzn2.aarch64
    kernel-debuginfo-5.15.79-51.138.amzn2.aarch64
    kernel-livepatch-5.15.79-51.138-1.0-0.amzn2.aarch64

i686:
    kernel-headers-5.15.79-51.138.amzn2.i686

src:
    kernel-5.15.79-51.138.amzn2.src

x86_64:
    kernel-5.15.79-51.138.amzn2.x86_64
    kernel-headers-5.15.79-51.138.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.15.79-51.138.amzn2.x86_64
    perf-5.15.79-51.138.amzn2.x86_64
    perf-debuginfo-5.15.79-51.138.amzn2.x86_64
    python-perf-5.15.79-51.138.amzn2.x86_64
    python-perf-debuginfo-5.15.79-51.138.amzn2.x86_64
    kernel-tools-5.15.79-51.138.amzn2.x86_64
    kernel-tools-devel-5.15.79-51.138.amzn2.x86_64
    kernel-tools-debuginfo-5.15.79-51.138.amzn2.x86_64
    bpftool-5.15.79-51.138.amzn2.x86_64
    bpftool-debuginfo-5.15.79-51.138.amzn2.x86_64
    kernel-devel-5.15.79-51.138.amzn2.x86_64
    kernel-debuginfo-5.15.79-51.138.amzn2.x86_64
    kernel-livepatch-5.15.79-51.138-1.0-0.amzn2.x86_64

Changelog:

2025-06-27: CVE-2022-49921 was added to this advisory.

2025-06-19: CVE-2022-49920 was added to this advisory.

2025-06-19: CVE-2022-49915 was added to this advisory.

2025-06-19: CVE-2022-49913 was added to this advisory.

2025-06-19: CVE-2022-49870 was added to this advisory.

2025-06-19: CVE-2022-49907 was added to this advisory.

2025-06-19: CVE-2022-49879 was added to this advisory.

2025-06-19: CVE-2022-49831 was added to this advisory.

2025-06-19: CVE-2022-49865 was added to this advisory.

2025-06-19: CVE-2022-49899 was added to this advisory.

2025-06-19: CVE-2022-49918 was added to this advisory.

2025-06-19: CVE-2022-49880 was added to this advisory.

2025-06-19: CVE-2022-49853 was added to this advisory.

2025-06-19: CVE-2022-49928 was added to this advisory.

2025-06-19: CVE-2022-49875 was added to this advisory.

2025-06-19: CVE-2022-49912 was added to this advisory.

2025-06-19: CVE-2022-49885 was added to this advisory.

2025-06-19: CVE-2022-49917 was added to this advisory.

2025-06-19: CVE-2022-49871 was added to this advisory.

2025-06-19: CVE-2022-49927 was added to this advisory.

2025-06-19: CVE-2022-49849 was added to this advisory.

2025-06-19: CVE-2022-49878 was added to this advisory.

2025-06-19: CVE-2022-49925 was added to this advisory.

2025-06-19: CVE-2022-49911 was added to this advisory.

2025-06-19: CVE-2022-49905 was added to this advisory.

2025-06-19: CVE-2022-49903 was added to this advisory.

2025-06-19: CVE-2022-49846 was added to this advisory.

2025-06-19: CVE-2022-49914 was added to this advisory.

2025-06-19: CVE-2022-49919 was added to this advisory.

2025-06-19: CVE-2022-49874 was added to this advisory.

2025-06-19: CVE-2022-49892 was added to this advisory.

2025-06-19: CVE-2022-49898 was added to this advisory.

2025-06-19: CVE-2022-49902 was added to this advisory.

2025-06-19: CVE-2022-49873 was added to this advisory.

2025-06-19: CVE-2022-49890 was added to this advisory.

2025-06-09: CVE-2022-49888 was added to this advisory.