发布于3月6日3月6日 Members Amazon Linux AMI: CVE-2023-0458: Security patch for kernel (ALAS-2023-1701) Severity 4 CVSS (AV:L/AC:M/Au:S/C:C/I:N/A:N) Published 03/17/2023 Created 05/05/2023 Added 05/02/2023 Modified 01/28/2025 Description A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or commit 739790605705ddcf18f21782b9c99ad7d53a8c11 Solution(s) amazon-linux-upgrade-kernel References ALAS-2023-1701 CVE-2023-0458
