<!doctype html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>ALAS-2018-939</title>
        <link rel='icon' type='image/x-icon' href='../static/favicon.ico' />
<link rel="stylesheet" href="../static/bootstrap.min.css" type='text/css' media='print, projection, screen' >
<link rel='stylesheet' href='../static/blue_style.css' type='text/css' media='print, projection, screen' />
<link rel='stylesheet' href='../static/fontawesome.css' type='text/css' media='print, projection, screen' />
<link rel='stylesheet' href='../static/style.css' type='text/css' media='print, projection, screen' />
<script type='text/javascript' src='../static/jquery.min.js'></script>
<script type='text/javascript' src='../static/jquery.tablesorter.min.js'></script>
<script type="text/javascript" src="../static/index.js"></script>

<!--Add constant cookie banner on this page-->
<script type = 'text/javascript'>
    var shortbread = AWSCShortbread();
    shortbread.checkForCookieConsent();
    function customize() {
        shortbread.customizeCookies();
    }
</script>

<style>
    a{text-decoration: none; color: #0073BB}
    a:visited{color: #0073BB}
    .Site {
        display: flex;
        display: -webkit-flex; /* Safari */
        min-height: 100vh;
        flex-direction: column;
    }
    .Site-content {
        flex: 1;
    }
</style>
    </head>
    <body class="Site">
        <main class="Site-content">
            <div class="container">
                <nav class="navbar navbar-fixed-top navbar-inverse" style="background-color: #000000" id="bs-navbar">
    <a style="font-size: 20px; color: #FF9900" class="navbar-brand" href="/"><b>Amazon Linux Security Center</b></a>
    <ul class="nav navbar-nav navbar-right" style="color: #ff9900">
    <li style="background-color: #333333;"> <a style="color: #FFFFFF" href="/">Amazon Linux</a> </li><li style="background-color: #FF9900;"> <a style="color: #000000" href="/alas2.html">Amazon Linux 2</a> </li><li style="background-color: #333333;"> <a style="color: #FFFFFF" href="/alas2022.html">Amazon Linux 2022</a> </li><li style="background-color: #333333;"> <a style="color: #FFFFFF" href="/announcements.html">Announcements</a> </li>
    </ul>
</nav>
            </div>
            <div style='min-height: 523px; margin-top:80px;' class='nine columns content-with-nav' role='main'>
                <section>
                    <div class='title'>
                        <h1 id=''>ALAS-2018-939</h1>
                    </div>

                    <div class='text'>
                        <hr class='mid-pad'>
                        <span class='alas-info'>

                            <b>Amazon Linux 2 Security Advisory:</b> ALAS-2018-939

                        </span><br />
                        <span class='alas-info'><b>Advisory Release Date:</b> 2018-01-11 21:05 Pacific</span><br />
                        <span class='alas-info'><b>Advisory Updated Date:</b> 2018-01-16 01:28 Pacific</span><br />

                        <div id='severity' class='alas-info'>
                            <b>Severity:</b>
                            <span class='date'>
                                <span class='bulletin-type'>
                                    <i class='fas fa-exclamation-triangle'></i>
                                </span>
                            </span>
                            Critical<br />
                        </div>

                        <div id='references'>
                            <b>References:</b>
                            <a href='/cve/html/CVE-2017-5715.html' target='_blank'>CVE-2017-5715&nbsp;<i class="fas fa-external-link-alt"></i></a>
                            <a href='/cve/html/CVE-2017-5754.html' target='_blank'>CVE-2017-5754&nbsp;<i class="fas fa-external-link-alt"></i></a>
                            <br />
                        </div>

                        <hr class='mid-pad'>
                        <div id='issue_overview'>
                            <b>Issue Overview:</b>
                            <p>An updated kernel release for Amazon Linux has been made available which prevents speculative execution of indirect branches within the kernel. This release incorporates latest stable open source Linux security improvements to address CVE-2017-5715 within the kernel and builds upon previously incorporated Kernel Page Table Isolation (KPTI) that addressed CVE-2017-5754. Customers must upgrade to the latest Amazon Linux kernel or AMI to effectively mitigate the impact of both CVE-2017-5754 and CVE-2017-5715 on MMU privilege separation (kernel mode vs. user mode) within their instance. <br /> <br />Customers with existing Amazon Linux AMI instances should run the following command to ensure they receive the updated package:<br /> <br />&lt;i&gt;sudo yum update kernel&lt;/i&gt;<br /> <br />As is standard per any update of the Linux kernel, after the yum update is complete, a reboot is required for updates to take effect.</p><p>Please refer to https://aws.amazon.com/security/security-bulletins/AWS-2018-013/ for additional information regarding CVE-2017-5754.</p><p>Updated on 2018-01-06: Additional KPTI improvements.<br />Updated on 2018-01-09: Updated details<br />Updated on 2018-01-13: Additional fixes for CVE-2017-5715</p>
                        </div>

                        <div id='affected_packages' class='alas-info'>
                            <br />
                            <b>Affected Packages:</b>
                            <br />
                            <p>kernel</p>
                        </div>

                        <div id='issue_correction'>
                            <br />
                            <b>Issue Correction:</b>
                            <br />Run <i>yum update kernel</i> to update your system. You will need to reboot your system in order for the new kernel to be running. </div>
                        <br />
                        <div id='new_packages'>
                            <b>New Packages:</b><pre>noarch:<br />&nbsp;&nbsp;&nbsp; kernel-doc-4.9.76-38.79.amzn2.noarch<br /><br />src:<br />&nbsp;&nbsp;&nbsp; kernel-4.9.76-38.79.amzn2.src<br /><br />x86_64:<br />&nbsp;&nbsp;&nbsp; kernel-4.9.76-38.79.amzn2.x86_64<br />&nbsp;&nbsp;&nbsp; kernel-headers-4.9.76-38.79.amzn2.x86_64<br />&nbsp;&nbsp;&nbsp; kernel-debuginfo-common-x86_64-4.9.76-38.79.amzn2.x86_64<br />&nbsp;&nbsp;&nbsp; perf-4.9.76-38.79.amzn2.x86_64<br />&nbsp;&nbsp;&nbsp; perf-debuginfo-4.9.76-38.79.amzn2.x86_64<br />&nbsp;&nbsp;&nbsp; python-perf-4.9.76-38.79.amzn2.x86_64<br />&nbsp;&nbsp;&nbsp; python-perf-debuginfo-4.9.76-38.79.amzn2.x86_64<br />&nbsp;&nbsp;&nbsp; kernel-tools-4.9.76-38.79.amzn2.x86_64<br />&nbsp;&nbsp;&nbsp; kernel-tools-devel-4.9.76-38.79.amzn2.x86_64<br />&nbsp;&nbsp;&nbsp; kernel-tools-debuginfo-4.9.76-38.79.amzn2.x86_64<br />&nbsp;&nbsp;&nbsp; kernel-devel-4.9.76-38.79.amzn2.x86_64<br />&nbsp;&nbsp;&nbsp; kernel-debuginfo-4.9.76-38.79.amzn2.x86_64<br /><br /></pre></div>
                    </div>
                    <div style="flex:1; margin-bottom: 40px;" class="links-container">
                        <h3 class="section-heading">Additional References</h3>
                        <p>
                            Red Hat:&nbsp;<a style="margin-bottom: 40px;" href="https://access.redhat.com/security/cve/CVE-2017-5715" target="_blank" rel="noopener noreferrer">CVE-2017-5715</a>,
                            <a style="margin-bottom: 40px;" href="https://access.redhat.com/security/cve/CVE-2017-5754" target="_blank" rel="noopener noreferrer">CVE-2017-5754</a></p>
                        <p>
                            Mitre:&nbsp;<a style="margin-bottom: 40px;" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715" target="_blank" rel="noopener noreferrer">CVE-2017-5715</a>,
                            <a style="margin-bottom: 40px;" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754" target="_blank" rel="noopener noreferrer">CVE-2017-5754</a></p>
                    </div>
                </section>
            </div>
        </main>
        <footer style="padding-left: 30px; padding-right: 30px;"><p style="color: #687078">
      CVE description copyright &#169 2021
      <a href="https://cve.mitre.org/about/termsofuse.html" target="_blank" rel="noopener noreferrer">The MITRE Corporation</a>
    </p>
    <p style="color: #687078">
      CVE description copyright &#169 2021 Red Hat, Inc. Per
      <a href="https://access.redhat.com/security/data" target="_blank" rel="noopener noreferrer">https://access.redhat.com/security/data</a>,
      RedHat's CVE report is licensed under
      <a href="https://creativecommons.org/licenses/by/4.0/" target="_blank" rel="noopener noreferrer">CC BY 4.0</a>.
    </p>
</footer>
        <footer style="padding-left: 30px; padding-right: 30px;"><p>
        <a href="https://aws.amazon.com/privacy/" target="_blank" rel="noopener noreferrer">Privacy</a> |
        <a href="https://aws.amazon.com/terms/" target="_blank" rel="noopener noreferrer">Site terms</a> |
        <a href="#" onclick="customize()">Cookie preferences</a> |
        <span style="color: #687078">&#169 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved.</span>
    </p>
</footer>
    </body>
</html>
