Amazon Linux 2

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2704 Related CVEs: CVE-2024-52615 CVE-2024-52616 CVE-2023-38473 CVE-2023-38472 CVE-2021-3468 CVE-2023-38469 CVE-2023-38470 CVE-2023-38471  +3 more Upstream summary: avahi: Avahi Wide-Area DNS Uses Constant Source Port (CVE-2024-52615) avahi: Avahi Wide-Area DNS Predictable Transaction […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2714 Related CVEs: CVE-2024-36472 CVE-2019-3820 Upstream summary: In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2713 Related CVEs: CVE-2024-39134 CVE-2020-18770 CVE-2018-17828 CVE-2018-16548 CVE-2018-6541 CVE-2018-7725 CVE-2018-7726 CVE-2018-7727 Upstream summary: A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2700 Related CVEs: CVE-2024-28168 Upstream summary: Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2699 Related CVEs: CVE-2024-3651 Upstream summary: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode() (CVE-2024-3651) Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2688 Related CVEs: CVE-2020-27545 Upstream summary: A flaw was found in libdwarf. A possible memory leak allows an attacker to input a specially crafted file, leading to a crash. The […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2657 Related CVEs: CVE-2024-45770 CVE-2019-3695 CVE-2019-3696 Upstream summary: A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2680 Related CVEs: CVE-2024-3651 Upstream summary: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode() (CVE-2024-3651) Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2651 Related CVEs: CVE-2024-42934 Upstream summary: openipmi: missing check on the authorization type on incoming LAN messages in IPMI simulator (CVE-2024-42934) Table of contents Symptom & Impact Environment & Reproduction […]