Important: kernel

Issue Overview:

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nftables: exthdr: fix 4-byte stack OOB write

If priv->len is a multiple of 4, then dst[len / 4] can write past
the destination array which leads to stack corruption.

This construct is necessary to clean the remainder of the register
in case ->len is NOT a multiple of the register size, so make it
conditional just like nft_payload.c does.

The bug was added in 4.1 cycle and then copied/inherited when
tcp/sctp and ip option support was added.

Bug reported by Zero Day Initiative project (ZDI-CAN-21950,
ZDI-CAN-21951, ZDI-CAN-21961). (CVE-2023-52628)

Affected Packages:

kernel

Note:

This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.

Issue Correction:
Run yum update kernel to update your system.

New Packages:

aarch64:  
    kernel-4.14.343-261.564.amzn2.aarch64  
    kernel-headers-4.14.343-261.564.amzn2.aarch64  
    kernel-debuginfo-common-aarch64-4.14.343-261.564.amzn2.aarch64  
    perf-4.14.343-261.564.amzn2.aarch64  
    perf-debuginfo-4.14.343-261.564.amzn2.aarch64  
    python-perf-4.14.343-261.564.amzn2.aarch64  
    python-perf-debuginfo-4.14.343-261.564.amzn2.aarch64  
    kernel-tools-4.14.343-261.564.amzn2.aarch64  
    kernel-tools-devel-4.14.343-261.564.amzn2.aarch64  
    kernel-tools-debuginfo-4.14.343-261.564.amzn2.aarch64  
    kernel-devel-4.14.343-261.564.amzn2.aarch64  
    kernel-debuginfo-4.14.343-261.564.amzn2.aarch64  
  
i686:  
    kernel-headers-4.14.343-261.564.amzn2.i686  
  
src:  
    kernel-4.14.343-261.564.amzn2.src  
  
x86_64:  
    kernel-4.14.343-261.564.amzn2.x86_64  
    kernel-headers-4.14.343-261.564.amzn2.x86_64  
    kernel-debuginfo-common-x86_64-4.14.343-261.564.amzn2.x86_64  
    perf-4.14.343-261.564.amzn2.x86_64  
    perf-debuginfo-4.14.343-261.564.amzn2.x86_64  
    python-perf-4.14.343-261.564.amzn2.x86_64  
    python-perf-debuginfo-4.14.343-261.564.amzn2.x86_64  
    kernel-tools-4.14.343-261.564.amzn2.x86_64  
    kernel-tools-devel-4.14.343-261.564.amzn2.x86_64  
    kernel-tools-debuginfo-4.14.343-261.564.amzn2.x86_64  
    kernel-devel-4.14.343-261.564.amzn2.x86_64  
    kernel-debuginfo-4.14.343-261.564.amzn2.x86_64  
    kernel-livepatch-4.14.343-261.564-1.0-0.amzn2.x86_64  

Additional References

Red Hat: CVE-2023-52628

Mitre: CVE-2023-52628