Amazon Linux 2

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2685 Related CVEs: CVE-2023-39128 CVE-2023-39129 CVE-2023-39130 Upstream summary: GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c. (CVE-2023-39128) GNU gdb (GDB) 13.0.50.20220805-git […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2551 Related CVEs: CVE-2024-2314 Upstream summary: If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2552 Related CVEs: CVE-2024-2313 Upstream summary: If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2488 Related CVEs: CVE-2020-36774 Upstream summary: plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash). (CVE-2020-36774) […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2423 Related CVEs: CVE-2023-46316 Upstream summary: In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines. (CVE-2023-46316) Table of contents Symptom & Impact […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2405 Related CVEs: CVE-2022-31081 Upstream summary: HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2023-2357 Related CVEs: CVE-2023-4156 Upstream summary: A heap out-of-bounds read flaw was found in builtin.c in the gawk package which may result in a crash of the software. (CVE-2023-4156) Table […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2023-2369 Related CVEs: CVE-2021-43618 Upstream summary: A flaw was found in gmp. An integer overflow vulnerability could allow an attacker to input an integer value leading to a crash. The […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2023-2333 Related CVEs: CVE-2018-15173 Upstream summary: Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2023-2247 Related CVEs: CVE-2023-4641 Upstream summary: A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second […]