<p>Upgrade <code>Amazon-Linux:2</code> <code>kernel-debuginfo</code> to version 0:4.14.291-218.527.amzn2 or higher.<br>This issue was patched in <code>ALAS2-2022-1838</code>.</p>

Information Exposure Affecting kernel-debuginfo package, versions <0:4.14.291-218.527.amzn2

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-AMZN2-KERNELDEBUGINFO-3042732
published 12 Oct 2022

Report a new vulnerability Found a mistake?

Introduced: 12 Oct 2022

CVE-2022-28693 Open this link in a new tab CWE-200 Open this link in a new tab

How to fix?

Upgrade Amazon-Linux:2 kernel-debuginfo to version 0:4.14.291-218.527.amzn2 or higher.
This issue was patched in ALAS2-2022-1838.

NVD Description

This vulnerability has not been analyzed by NVD yet.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28693

CVSS Scores

version 3.1

Attack Vector (AV)

Local
Attack Complexity (AC)

High
Privileges Required (PR)

Low
User Interaction (UI)

None

Scope (S)

Unchanged

Confidentiality (C)

High
Integrity (I)

None
Availability (A)

None

Information Exposure Affecting kernel-debuginfo package, versions <0:4.14.291-218.527.amzn2

Severity

Based on Amazon Linux security rating

Introduced: 12 Oct 2022

How to fix?

NVD Description

References

CVSS Scores

Red Hat

SUSE