Amazon Linux 2023

Amazon Linux 2023 — mariadb105 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Amazon Linux 2023
📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2023-155
Related CVEs: CVE-2022-31622 CVE-2022-31623 CVE-2022-32091 CVE-2022-38791 CVE-2022-47015 CVE-2021-2372 CVE-2021-2389 CVE-2021-35604  +12 more
Upstream summary: MariaDB v10.7 was discovered to contain a use-after-poison in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. (CVE-2022-32091) In […]

Amazon Linux 2023 — tar — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Amazon Linux 2023
📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2023-153
Related CVEs: CVE-2022-48303 CVE-2023-39804
Upstream summary: GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change […]

Amazon Linux 2023 — bcel — vulnerability — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Amazon Linux 2023
📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2023-105
Related CVEs: CVE-2022-42920
Upstream summary: Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, […]

Amazon Linux 2023 — device-mapper-multipath — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Amazon Linux 2023
📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2023-126
Related CVEs: CVE-2022-3787 CVE-2022-41973 CVE-2022-41974
Upstream summary: A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with […]

Amazon Linux 2023 — golang-github-cpuguy83-md2man — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Amazon Linux 2023
📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2023-047
Related CVEs: CVE-2022-1705 CVE-2022-1962 CVE-2022-1996 CVE-2022-24675 CVE-2022-27191 CVE-2022-28131 CVE-2022-28327 CVE-2022-29526  +7 more
Upstream summary: 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed […]

Amazon Linux 2023 — gzip — vulnerability — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Amazon Linux 2023
📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2023-043
Related CVEs: CVE-2022-1271
Upstream summary: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, […]

Amazon Linux 2023 — libXpm — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Amazon Linux 2023
📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2023-107
Related CVEs: CVE-2022-44617 CVE-2022-46285 CVE-2022-4883 CVE-2026-4367 CVE-2023-43786 CVE-2023-43787 CVE-2023-43789 CVE-2023-43788
Upstream summary: A flaw was found in libXpm. When processing a file with width of 0 and a very […]

Amazon Linux 2023 — libksba — vulnerability — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Amazon Linux 2023
📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2023-088
Related CVEs: CVE-2022-3515
Upstream summary: A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for […]
