Amazon Linux 2023: CVE-2024-46865: Important priority package update for kernel (Multiple Advisories)

Amazon Linux 2023: CVE-2024-46865: Important priority package update for kernel (Multiple Advisories)

Severity

5

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

09/27/2024

Created

02/14/2025

Added

02/14/2025

Modified

02/14/2025

Description

In the Linux kernel, the following vulnerability has been resolved: fou: fix initialization of grc The grc must be initialize first. There can be a condition where if fou is NULL, goto out will be executed and grc would be used uninitialized.

Solution(s)

• amazon-linux-2023-upgrade-bpftool
• amazon-linux-2023-upgrade-bpftool-debuginfo
• amazon-linux-2023-upgrade-kernel
• amazon-linux-2023-upgrade-kernel-debuginfo
• amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64
• amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64
• amazon-linux-2023-upgrade-kernel-devel
• amazon-linux-2023-upgrade-kernel-headers
• amazon-linux-2023-upgrade-kernel-libbpf
• amazon-linux-2023-upgrade-kernel-libbpf-devel
• amazon-linux-2023-upgrade-kernel-libbpf-static
• amazon-linux-2023-upgrade-kernel-livepatch-6-1-111-120-187
• amazon-linux-2023-upgrade-kernel-modules-extra
• amazon-linux-2023-upgrade-kernel-modules-extra-common
• amazon-linux-2023-upgrade-kernel-tools
• amazon-linux-2023-upgrade-kernel-tools-debuginfo
• amazon-linux-2023-upgrade-kernel-tools-devel
• amazon-linux-2023-upgrade-perf
• amazon-linux-2023-upgrade-perf-debuginfo
• amazon-linux-2023-upgrade-python3-perf
• amazon-linux-2023-upgrade-python3-perf-debuginfo

References

• https://attackerkb.com/topics/cve-2024-46865
• CVE - 2024-46865
• https://alas.aws.amazon.com/AL2023/ALAS-2024-744.html
• https://alas.aws.amazon.com/AL2023/ALAS-2024-755.html