Amazon Linux 2023: CVE-2024-46777: Medium priority package update for kernel (Multiple Advisories)

Amazon Linux 2023: CVE-2024-46777: Medium priority package update for kernel (Multiple Advisories)

Severity

5

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

09/18/2024

Created

02/14/2025

Added

02/14/2025

Modified

02/14/2025

Description

In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the partition would overflow the 32-bits used for block number. Also refuse to mount filesystems where the partition length is so large we cannot safely index bits in a block bitmap.

Solution(s)

• amazon-linux-2023-upgrade-bpftool
• amazon-linux-2023-upgrade-bpftool-debuginfo
• amazon-linux-2023-upgrade-kernel
• amazon-linux-2023-upgrade-kernel-debuginfo
• amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64
• amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64
• amazon-linux-2023-upgrade-kernel-devel
• amazon-linux-2023-upgrade-kernel-headers
• amazon-linux-2023-upgrade-kernel-libbpf
• amazon-linux-2023-upgrade-kernel-libbpf-devel
• amazon-linux-2023-upgrade-kernel-libbpf-static
• amazon-linux-2023-upgrade-kernel-livepatch-6-1-111-120-187
• amazon-linux-2023-upgrade-kernel-modules-extra
• amazon-linux-2023-upgrade-kernel-modules-extra-common
• amazon-linux-2023-upgrade-kernel-tools
• amazon-linux-2023-upgrade-kernel-tools-debuginfo
• amazon-linux-2023-upgrade-kernel-tools-devel
• amazon-linux-2023-upgrade-perf
• amazon-linux-2023-upgrade-perf-debuginfo
• amazon-linux-2023-upgrade-python3-perf
• amazon-linux-2023-upgrade-python3-perf-debuginfo

References

• https://attackerkb.com/topics/cve-2024-46777
• CVE - 2024-46777
• https://alas.aws.amazon.com/AL2023/ALAS-2024-724.html
• https://alas.aws.amazon.com/AL2023/ALAS-2024-744.html