Latest Bulletins Read our latest security bulletins here.
- Issue with Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV (CVE-2025-0500 and CVE-2025-0501) by aws@amazon.com on January 15, 2025 at 6:18 pm
Publication Date: 2025/01/15 10:30AM PST
Description: AWS identified two issues in specific versions of native clients for Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV. We have proactively communicated with customers regarding the end of support for these impacted versions.
CVE-2025-0500: This issue applies to specific versions of native clients for Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV, listed below. If leveraged, this issue could allow a bad actor to perform a man-in-the-middle attack, allowing them to access remote WorkSpaces, AppStream, or DCV sessions. We recommend customers upgrade to the versions with the fix to address this issue.
Affected versions: Amazon WorkSpaces Windows client 5.20.0 or earlier, macOS client 5.20.0 or earlier, and Linux client 2024.1 or earlier. Amazon AppStream 2.0 Windows client 1.1.1326 or earlier. Amazon DCV Windows client 2023.1.8993 or earlier, macOS client 2023.1.6203 or earlier, and Linux client 2023.1.6203 or earlier for all supported Linux distributions.
Resolution: This issue was fixed in specific versions of the Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV clients listed below. Upgrading to these or later versions remediates the issue.
Versions with the fix: Amazon WorkSpaces Windows client 5.21.0 or later, macOS client 5.21.0 or later, and Linux client 2024.2 or later. Amazon AppStream 2.0 Windows client 1.1.1332 or later. Amazon DCV Windows client 2023.1.9127 or later, macOS client 2023.1.6703 or later, and Linux client 2023.1.6703 or later for all supported Linux distributions.
CVE-2025-0501: The issue applies to specific versions of native clients for Amazon WorkSpaces (when running Amazon PCoIP protocol), listed below. If leveraged, this issue could allow a bad actor to perform a man-in-the-middle attack, allowing them to access remote WorkSpaces sessions. We recommend customers upgrade to the versions with the fix to address this issue.
Affected versions: Amazon WorkSpaces Windows client 5.22.0 or earlier, macOS client 5.22.0 or earlier, Linux client 2024.5 or earlier, and Android client 5.0.0 or earlier.
Resolution: This issue was fixed in specific versions of the Amazon WorkSpaces clients listed below. Upgrading to these or later versions remediates the issue.
Versions with the fix: Amazon WorkSpaces Windows client 5.22.1 or later, macOS client 5.22.1 or later, Linux client 2024.6 or later, and Android client 5.0.1 or later.
References: CVE-2025-0500, CVE-2025-0501
Please email aws-security@amazon.com with any security questions or concerns.
- Issue with RedShift JDBC Driver, Python Connector and ODBC Driver – (CVE-2024-12744, CVE-2024-12745, CVE-2024-12746) by aws@amazon.com on December 24, 2024 at 6:04 pm
Publication Date: 2024/12/24 10:00AM PST
AWS has identified the following issues within the Amazon Redshift JDBC Driver, Amazon Redshift Python Connector, and Amazon Redshift ODBC Driver. On December 23, 2024, we released a fix and recommend customers upgrade to the latest version to address these issues.
The Amazon Redshift JDBC Driver, version 2.1.0.31, is affected by CVE-2024-12744, a SQL injection issue when utilizing the getSchemas, getTables, or getColumns Metadata APIs. This issue has been addressed in driver version 2.1.0.32. We recommend customers upgrade to the driver version 2.1.0.32 or revert to driver version 2.1.0.30.
The Amazon Redshift Python Connector, version 2.1.4, is affected by CVE-2024-12745, a SQL injection issue when utilizing the get_schemas, get_tables, or get_columns Metadata APIs. This issue has been addressed in driver version 2.1.5. We recommend customers upgrade to the driver version 2.1.5 or revert to driver version 2.1.3.
The Amazon Redshift ODBC Driver, version v2.1.5.0 (Windows or Linux), is affected by CVE-2024-12746, a SQL injection issue when utilizing the SQLTables or SQLColumns Metadata APIs. This issue has been addressed in driver version 2.1.6.0. We recommend customers upgrade to the driver version 2.1.6.0 or revert to driver version 2.1.4.0.
Affected versions: Amazon Redshift JDBC Driver, version 2.1.0.31; Amazon Redshift Python Connector, version 2.1.4; Amazon Redshift ODBC Driver, version v2.1.5.0.
Resolution: Users of the Amazon Redshift JDBC Driver should upgrade to the driver version 2.1.0.32 or revert to driver version 2.1.0.30. Users of the Amazon Redshift Python Connector are recommended to upgrade to the driver version 2.1.5 or revert to driver version 2.1.3. Users of the Amazon Redshift ODBC Driver are recommended to upgrade to the driver version 2.1.6.0 or revert to driver version 2.1.4.0.
References: CVE-2024-12744, GitHub Security Advisory, CVE-2024-12745, GitHub Security Advisory, CVE-2024-12746, GitHub Security Advisory
Please email aws-security@amazon.com with any security questions or concerns.
- Issue with DynamoDB local – CVE-2022-1471 by aws@amazon.com on December 11, 2024 at 11:59 pm
Publication Date: 2024/12/11 2:00PM PST
AWS is aware of CVE-2022-1471 in SnakeYaml software, included in DynamoDB local jar and Docker distributions from version 1.21 and version 2.0. If leveraged, this issue could allow an actor to perform remote code execution using SnakeYaml’s Constructor(), as the software does not restrict the types that can be instantiated during deserialization. AWS has found no evidence that this issue has been leveraged; however, customers should still take action.
On November 6, 2024, we released a fix for this issue. Customers should upgrade DynamoDB local to the latest version: v1.25.1 and above, or 2.5.3 and above.
Please email aws-security@amazon.com with any security questions or concerns.
- Issue with data.all (Multiple CVEs) by aws@amazon.com on November 9, 2024 at 1:16 am
Publication Date: 2024/11/8 4:00 PM PDT
Data.all is an open source development framework to help customers build a data marketplace on AWS. We have identified the following issues within data.all version 1.0.0 through 2.6.0. On November 8, 2024, we released a fix and recommend customers upgrade to version 2.6.1 or later and ensure any forked or derivative code is patched to incorporate the new fixes.
CVE-2024-52311 relates to an issue where data.all does not invalidate the authentication token upon user logout.
CVE-2024-52312 relates to an issue where data.all authenticated users can perform restricted operations against DataSets and Environments.
CVE-2024-52313 relates to an issue where data.all authenticated users can obtain incorrect object level authorizations.
CVE-2024-52314 relates to an issue where a data.all admin user may access potentially sensitive data stored by producers via logs.
CVE-2024-10953 relates to an issue where data.all authenticated users can perform mutating update operations on persisted notification records.
References: CVE-2024-52311, GitHub Security Advisory, CVE-2024-52312, GitHub Security Advisory, CVE-2024-52313, GitHub Security Advisory, CVE-2024-52314, GitHub Security Advisory, CVE-2024-10953, GitHub Security Advisory
Please email aws-security@amazon.com with any security questions or concerns.
- CVE-2024-8901 – missing JWT issuer and signer validation in aws-alb-route-directive-adapter-for-istio by aws@amazon.com on October 21, 2024 at 11:48 pm
Publication Date: 2024/10/21 4:00 PM PDT
The AWS ALB Route Directive Adapter For Istio repo provides an OIDC authentication mechanism that was integrated into the open source Kubeflow project. The adapter uses JWT for authentication, but lacks proper signer and issuer validation. In deployments of ALB that ignore security best practices, where ALB targets are directly exposed to internet traffic, an actor can provide a JWT signed by an untrusted entity in order to spoof OIDC-federated sessions and successfully bypass authentication.
Affected versions: v1.0, v1.1
Resolution: The repository/package has been deprecated, is End of Life, and is no longer actively supported.
Workarounds: As a security best practice, ensure that your ELB targets (e.g. EC2 Instances, Fargate Tasks etc.) do not have public IP addresses. Ensure any forked or derivative code validates that the signer attribute in the JWT matches the ARN of the Application Load Balancer that the service is configured to use.
References: ALB Documentation, specifically “To ensure security, you must verify the signature before doing any authorization based on the claims and validate that the signer field in the JWT header contains the expected Application Load Balancer ARN.”; Python example; GitHub Security Advisory; CVE-2024-8901
We would like to thank Miggo Security for collaborating on this issue through the coordinated disclosure process.
Please email aws-security@amazon.com with any security questions or concerns.
- CVE-2024-10125 – missing JWT issuer and signer validation in aws-alb-identity-aspnetcore by aws@amazon.com on October 21, 2024 at 11:01 pm
Publication Date: 2024/10/21 4:00 PM PDT
Description: The Amazon.ApplicationLoadBalancer.Identity.AspNetCore repo contains Middleware that can be used in conjunction with the Application Load Balancer (ALB) OpenId Connect integration and can be used in any ASP.NET Core deployment scenario, including AWS Fargate, Amazon Elastic Kubernetes Service (Amazon EKS), Amazon Elastic Container Service (Amazon ECS), Amazon Elastic Compute Cloud (Amazon EC2), and AWS Lambda. In the JWT handling code, it performs signature validation but fails to validate the JWT issuer and signer identity. The signer omission, if combined with a scenario where the infrastructure owner allows internet traffic to the ALB targets (not a recommended configuration), can allow for JWT signing by an untrusted entity and an actor may be able to mimic valid OIDC-federated sessions to the ALB targets.
Affected versions: all versions
Resolution: The repository/package has been deprecated, is End of Life, and is no longer actively supported.
Workarounds: As a security best practice, ensure that your ELB targets (e.g. EC2 Instances, Fargate Tasks etc.) do not have public IP addresses. Ensure any forked or derivative code validates that the signer attribute in the JWT matches the ARN of the Application Load Balancer that the service is configured to use.
References: ALB Documentation, specifically “To ensure security, you must verify the signature before doing any authorization based on the claims and validate that the signer field in the JWT header contains the expected Application Load Balancer ARN.”; Python example; GitHub Security Advisory; CVE-2024-10125
We would like to thank Miggo Security for collaborating on this issue through the coordinated disclosure process.
Please email aws-security@amazon.com with any security questions or concerns.
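The workaround in the two ALB bulletins above (CVE-2024-8901 and CVE-2024-10125) asks forked code to pin the JWT signer to the expected load balancer ARN; the following is an added example of that header check, not code from AWS or from either repository. The ARN, issuer URL, key-id character set and the header field names (alg, kid, signer, iss) are assumptions for illustration, and the caller must still fetch the key named by the returned kid and verify the ES256 signature before trusting any claim.

```python
import base64
import json
import re

# Constructed values for illustration; not taken from the bulletins.
EXPECTED_SIGNER = ("arn:aws:elasticloadbalancing:us-east-1:111122223333:"
                   "loadbalancer/app/example-alb/0123456789abcdef")
EXPECTED_ISSUER = "https://idp.example.com"
KID_RE = re.compile(r"[0-9A-Za-z-]{1,64}")  # assumed safe charset for a key id


class HeaderRejected(Exception):
    """The token must be dropped before any key lookup or claim use."""


def decode_header(token):
    parts = token.split(".")
    if len(parts) != 3:
        raise HeaderRejected("not a three-part JWT")
    seg = parts[0] + "=" * (-len(parts[0]) % 4)  # tolerate missing padding
    try:
        header = json.loads(base64.urlsafe_b64decode(seg))
    except ValueError as exc:
        raise HeaderRejected("header is not base64url JSON") from exc
    if not isinstance(header, dict):
        raise HeaderRejected("header is not a JSON object")
    return header


def check_alb_header(token, expected_signer, expected_issuer):
    """Return the kid only if the header names the expected ALB and issuer."""
    header = decode_header(token)
    if header.get("alg") != "ES256":  # rejects "none" and algorithm swaps
        raise HeaderRejected("unexpected alg")
    if not expected_signer or header.get("signer") != expected_signer:
        raise HeaderRejected("signer is not the configured ALB ARN")
    if not expected_issuer or header.get("iss") != expected_issuer:
        raise HeaderRejected("issuer is not the configured IdP")
    kid = header.get("kid")
    if not isinstance(kid, str) or not KID_RE.fullmatch(kid):
        raise HeaderRejected("malformed kid")  # kid ends up in a key URL
    return kid  # caller fetches this key and verifies the ES256 signature


def make_sample_token(header):
    """Build a constructed, unsigned sample token for exercising the checks."""
    enc = base64.urlsafe_b64encode(json.dumps(header).encode()).decode()
    return enc + ".e30.c2ln"
```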
- Issue with NVIDIA Container Toolkit (CVE-2024-0132, CVE-2024-0133) by aws@amazon.com on October 2, 2024 at 1:46 am
Publication Date: 2024/10/01 6:35 PM PDT
AWS is aware of CVE-2024-0132 and CVE-2024-0133, issues affecting the NVIDIA container toolkit 1.16. At this time, the following services require customer action. If we become aware of additional impact, we will update this bulletin.
Amazon Elastic Container Service (Amazon ECS): Amazon ECS has released updated ECS GPU-optimized Amazon Machine Images (AMIs) with the patched NVIDIA container toolkit v1.16.2. We recommend that ECS customers update to these AMIs (or the latest available). Additional information on the ECS-optimized AMI is available in our “Amazon ECS-optimized Linux AMIs” developer guide.
Amazon Elastic Kubernetes Service (Amazon EKS): Amazon EKS has released updated EKS GPU-optimized Amazon Machine Images (AMIs) version v20240928 with the patched NVIDIA container toolkit v1.16.2. Customers using Managed node groups can upgrade their node groups by referring to the EKS documentation. Customers using Karpenter can update their nodes by following the documentation on drift or AMI selection. Customers using self-managing worker nodes can replace existing nodes by referring to the EKS documentation.
Bottlerocket: Amazon has released Bottlerocket 1.24.0, which includes the patched NVIDIA container toolkit v1.16.2, and recommends that customers using Bottlerocket apply this update or a newer version. Further information will be posted in the Bottlerocket Security Advisories and the Bottlerocket Release Notes.
If you have any questions or comments about this advisory, we ask that you contact AWS/Amazon Security via our vulnerability reporting page or directly via email to aws-security@amazon.com.
- Issue with AWS Client VPN – CVE-2024-30164, CVE-2024-30165 by aws@amazon.com on July 22, 2024 at 3:47 pm
Publication Date: 2024/07/16 3:30 PM PDT
AWS is aware of CVE-2024-30164 and CVE-2024-30165 in AWS Client VPN. These issues could potentially allow an actor with access to an end user’s device to escalate to root privilege and execute arbitrary commands on that device. We addressed these issues on all platforms. Customers using AWS Client VPN should upgrade to version 3.11.1 or higher for Windows, 3.9.2 or higher for MacOS, and 3.12.1 or higher for Linux.
For additional information on configuring AWS Client VPN to meet your security and compliance requirements, please refer to our “Security in AWS Client VPN” user guide.
We would like to thank Robinhood for collaborating on this issue through the coordinated vulnerability disclosure process.
Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.
- Issue with PyTorch TorchServe – CVE-2024-35198, CVE-2024-35199 by aws@amazon.com on July 22, 2024 at 3:47 pm
Publication Date: 2024/07/18 2:50 PM PDT
AWS is aware of the issues described in CVE-2024-35198 and CVE-2024-35199 in PyTorch TorchServe versions 0.3.0 to 0.10.0. Customers using PyTorch inference Deep Learning Containers (DLC) through Amazon SageMaker are not affected.
CVE-2024-35198: TorchServe does not prevent a model from being downloaded into the model store if the URL contains characters such as “..” when the TorchServe model registration API is called. Customers using PyTorch inference Deep Learning Containers (DLC) through Amazon SageMaker and Amazon Elastic Kubernetes Service (Amazon EKS) are not affected by this issue.
CVE-2024-35199: TorchServe does not bind the two gRPC ports 7070 and 7071 to localhost by default. These two interfaces are bound to all interfaces when TorchServe is natively launched without a Docker container. Customers using PyTorch inference Deep Learning Containers (DLC) are not affected by this issue.
TorchServe version v0.11.0 resolves these two issues. Customers can use the following new image tags to pull DLCs that ship with patched TorchServe version 0.11.0. Alternatively, customers can upgrade to the latest version of TorchServe.
PyTorch 2.2:
https://github.com/aws/deep-learning-containers/releases/tag/v1.10-pt-ec2-2.2.0-inf-py310
https://github.com/aws/deep-learning-containers/releases/tag/v1.10-pt-sagemaker-2.2.0-inf-py310
https://github.com/aws/deep-learning-containers/releases/tag/v1.6-pt-graviton-ec2-2.2.1-inf-cpu-py310
https://github.com/aws/deep-learning-containers/releases/tag/v1.6-pt-graviton-sagemaker-2.2.1-inf-cpu-py310
PyTorch 2.1:
https://github.com/aws/deep-learning-containers/releases/tag/v1.7-pt-ec2-2.1.0-inf-py310
https://github.com/aws/deep-learning-containers/releases/tag/v1.8-pt-sagemaker-2.1.0-inf-py310
https://github.com/aws/deep-learning-containers/releases/tag/v1.5-pt-graviton-ec2-2.1.0-inf-cpu-py310
https://github.com/aws/deep-learning-containers/releases/tag/v1.5-pt-graviton-sagemaker-2.1.0-inf-cpu-py310
PyTorch 1.13:
https://github.com/aws/deep-learning-containers/releases/tag/v1.21-pt-sagemaker-1.13.1-inf-cpu-py39
https://github.com/aws/deep-learning-containers/releases/tag/v1.19-pt-ec2-1.13.1-inf-py39
The full DLC image URI details can be found at: https://github.com/aws/deep-learning-containers/blob/master/available_images.md#available-deep-learning-containers-images.
We would like to thank Kroll Cyber Risk for collaborating on this issue through the coordinated vulnerability disclosure process.
If you have any questions or comments about this advisory, we ask that you contact AWS/Amazon Security via our vulnerability reporting page or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.