Amazon Linux 2023

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2024-621 Related CVEs: CVE-2024-3652 CVE-2024-2357 Upstream summary: The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2024-614 Related CVEs: CVE-2024-21506 CVE-2024-5629 Upstream summary: Versions of the package pymongo before 4.6.3 are vulnerable to Out-of-bounds Read in the bson module. Using the crafted payload the attacker could […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2024-579 Related CVEs: CVE-2024-2002 CVE-2024-31745 CVE-2022-39170 Upstream summary: In a multiply-corrupted DWARF object libdwarf may try to dealloc(free) an allocation twice. Results are unpredictable and various. This has been a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2024-580 Related CVEs: CVE-2023-5992 CVE-2024-1454 CVE-2023-40660 CVE-2023-40661 CVE-2023-4535 CVE-2023-2977 CVE-2024-45615 CVE-2024-45616  +6 more Upstream summary: A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2024-573 Related CVEs: CVE-2017-7500 CVE-2017-7501 CVE-2021-35937 CVE-2021-35938 CVE-2021-35939 Upstream summary: A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2024-540 Related CVEs: CVE-2024-24806 Upstream summary: libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2024-527 Related CVEs: CVE-2023-46045 Upstream summary: buffer overflow via a crafted config6a file NOTE: Crosses no security boundary, config files are under local control NOTE: https://gitlab.com/graphviz/graphviz/-/issues/2441 NOTE: Introduced by: https://gitlab.com/graphviz/graphviz/-/commit/cf95714837f06f684929b54659523c2c9b1fc19f […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2024-533 Related CVEs: CVE-2021-45985 CVE-2022-33099 Upstream summary: In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read. (CVE-2021-45985) An issue in the component […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2024-535 Related CVEs: CVE-2021-38165 Upstream summary: Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2024-509 Related CVEs: CVE-2023-7008 CVE-2021-3997 CVE-2022-4415 CVE-2022-45873 Upstream summary: systemd-resolved accepts records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate […]