Amazon Linux AMI 2: CVE-2023-28772: Security patch for kernel (Multiple Advisories)

Amazon Linux AMI 2: CVE-2023-28772: Security patch for kernel (Multiple Advisories)

Severity

7

CVSS

(AV:L/AC:L/Au:M/C:C/I:C/A:C)

Published

03/23/2023

Created

07/14/2023

Added

07/14/2023

Modified

01/28/2025

Description

An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.

Solution(s)

• amazon-linux-ami-2-upgrade-bpftool
• amazon-linux-ami-2-upgrade-bpftool-debuginfo
• amazon-linux-ami-2-upgrade-kernel
• amazon-linux-ami-2-upgrade-kernel-debuginfo
• amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64
• amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64
• amazon-linux-ami-2-upgrade-kernel-devel
• amazon-linux-ami-2-upgrade-kernel-headers
• amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-241-184-433
• amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-59-52-142
• amazon-linux-ami-2-upgrade-kernel-tools
• amazon-linux-ami-2-upgrade-kernel-tools-debuginfo
• amazon-linux-ami-2-upgrade-kernel-tools-devel
• amazon-linux-ami-2-upgrade-perf
• amazon-linux-ami-2-upgrade-perf-debuginfo
• amazon-linux-ami-2-upgrade-python-perf
• amazon-linux-ami-2-upgrade-python-perf-debuginfo

References

• https://attackerkb.com/topics/cve-2023-28772
• AL2/ALAS-2021-1696
• AL2/ALASKERNEL-5.10-2022-004
• AL2/ALASKERNEL-5.4-2022-006
• CVE - 2023-28772