ALAS-2024-1946

Amazon Linux 1 (EOL) Security Advisory: ALAS-2024-1946
Advisory Released Date: 2024-09-17
Advisory Updated Date: 2024-09-17

Severity: Important

References: CVE-2023-49141
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2023-49141)

Affected Packages:

microcode_ctl

Issue Correction:
Run yum update microcode_ctl to update your system.

New Packages:

i686:
    microcode_ctl-debuginfo-2.1-47.43.amzn1.i686
    microcode_ctl-2.1-47.43.amzn1.i686

src:
    microcode_ctl-2.1-47.43.amzn1.src

x86_64:
    microcode_ctl-debuginfo-2.1-47.43.amzn1.x86_64
    microcode_ctl-2.1-47.43.amzn1.x86_64

Additional References

Red Hat: CVE-2023-49141

Mitre: CVE-2023-49141