Read our latest security bulletins here.
  1. Issue with PyTorch TorchServe - CVE-2024-35198, CVE-2024-35199

    Publication Date: 2024/07/18 2:50 PM PDT

    AWS is aware of the issues described in CVE-2024-35198 and CVE-2024-35199 in PyTorch TorchServe versions 0.3.0 to 0.10.0. Customers using PyTorch inference Deep Learning Containers (DLC) through Amazon SageMaker are not affected.

    CVE-2024-35198 does not prevent a model from being downloaded into the model store if the URL contains characters such as ".." when TorchServe model registration API is called. Customers using PyTorch inference Deep Learning Containers (DLC) through Amazon SageMaker and Amazon Elastic Kubernetes Service (Amazon EKS) are not affected by this issue.

    CVE-2024-35199 does not bind two gRPC ports 7070 and 7071 to localhost by default. These two interfaces are bound to all interfaces when TorchServe is natively launched without Docker container. Customers using PyTorch inference Deep Learning Containers (DLC) are not affected by this issue.

    TorchServe version v0.11.0 resolves these two issues.

    Customers can use the following new image tags to pull DLCs that ship with patched TorchServe version 0.11.0. Alternatively, customers can upgrade to the latest version of TorchServe.

    PyTorch 2.2

    PyTorch 2.1

    PyTorch 1.13

    The full DLC image URI details can be found at: https://github.com/aws/deep-learning-containers/blob/master/available_images.md#available-deep-learning-containers-images.

    We would like to thank Kroll Cyber Risk for collaborating on this issue through the coordinated vulnerability disclosure process.

    If you have any questions or comments about this advisory, we ask that you contact AWS/Amazon Security via our vulnerability reporting page or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.

  2. Issue with AWS Client VPN - CVE-2024-30164, CVE-2024-30165

    Publication Date: 2024/07/16 3:30 PM PDT

    AWS is aware of CVE-2024-30164 and CVE-2024-30165 in AWS Client VPN. These issues could potentially allow an actor with access to an end user's device to escalate to root privilege and execute arbitrary commands on that device. We addressed these issues on all platforms. Customers using AWS Client VPN should upgrade to version 3.11.1 or higher for Windows, 3.9.2 or higher for MacOS, and 3.12.1 or higher for Linux.

    For additional information on configuring AWS Client VPN to meet your security and compliance requirements, please refer to our "Security in AWS Client VPN" user guide.

    We would like to thank Robinhood for collaborating on this issue through the coordinated vulnerability disclosure process.

    Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.

  3. Issue With IAM Supporting Multiple MFA Devices

    Initial Publication Date: 04/25/2023 10:00AM EST

    A security researcher recently reported an issue with AWS’s recently-released (November 16th, 2022) support for multiple multi-factor authentication (MFA) devices for IAM user principals. The reported issue could have potentially arisen only when the following three conditions were met: (1) An IAM user had possession of long-term access key (AK)/secret key (SK) credentials, (2) that IAM user had the privilege to add an MFA to their own identity without using an MFA, and (3) that IAM user’s overall access privileges beyond console sign-in had been configured by an administrator to be greater after adding the MFA. Under those narrow conditions, possession of AK/SK alone was equivalent to possession of AK/SK and a previously configured MFA.

    While IAM users with the ability to add or delete an MFA device associated with their own identity have always been able to do so solely with AK/SK credentials, an issue arose when the new feature was combined with the self-management by IAM users of their own MFA devices, with restricted access prior to an MFA being added by the user. This self-management pattern was documented here, and that page included a sample IAM policy for implementing the pattern. The combination of the new multi-MFA feature created an inconsistency with that approach. Given the new feature, a user with only AK/SK credentials could add an additional MFA without using a previously-configured MFA, thus allowing possession of AK/SK alone without a previously configured MFA to potentially gain broader access than expected by customers using the sample policy.

    This issue did not affect AWS Management Console-based access, since an existing MFA is always required at sign-in. Nor did it affect federated principals, who manage MFA through their identity provider.

    As of April 21, 2023, the identified issue has been remediated by requiring that IAM users who already have one or more MFAs and who use AK/SK credentials to manage their own MFA devices to first use sts:GetSessionToken and an existing MFA to obtain MFA-enabled temporary credentials to sign their CLI commands or API requests prior to enabling or disabling MFA devices for themselves. We have directly notified a very small number of customers via their Personal Health Dashboard who had previously associated an additional MFA device using a mechanism other than the AWS Management Console. We recommended that those notified customers confirm the correctness of their MFA configurations. No further customer action is required.

    We would like to thank researchers at MWR Cybersec for identifying and responsibly disclosing this issue to AWS. Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.

  4. CVE-2024-28056

    Publication Date: 2024/04/15 07:00 AM PST

    AWS is aware of CVE-2024-28056, which affects Amplify CLI versions prior to 12.10.1 and Amplify Studio, which uses Amplify CLI. We released a fix to Amplify CLI on January 10, 2024 that also fixed Amplify Studio, and recommend customers upgrade to Amplify CLI 12.10.1 or higher to address this issue. We have proactively communicated with the customers using affected versions.

    AWS has taken two additional steps to protect customers using Amplify from unintentional misconfigurations. First, AWS added a mitigation to the AWS Security Token Service (STS) where attempts to make a cross-account role assumption with a trust policy referencing Amazon Cognito as the trusted principal, without conditions to scope down access to specific Amazon Cognito Identity Pools using the aud claim, will fail. As a result, cross-account access will no longer be possible with policies created by earlier unpatched versions of Amplify. Second, AWS added a mitigation to the AWS Identity and Access Management (IAM) control plane such that any attempt to create a role trust policy that references Amazon Cognito as the trusted principal, without adding conditions restricting access, will fail.  

    We would like to thank Datadog for responsibly disclosing this issue to AWS.

    Please email aws-security@amazon.com with any security questions or concerns.

  5. CVE-2024-3094

    Publication Date: 2024/03/29 12:30 PM PST
    CVE Identifier: CVE-2024-3094

    AWS is aware of CVE-2024-3094, which affects versions 5.6.0 and 5.6.1 of the xz-utils package. This issue may attempt to introduce security issues in openssh through the use of liblzma within some operating system environments. Amazon Linux customers are not affected by this issue, and no action is required. AWS infrastructure and services do not utilize the affected software and are not impacted. Users of Bottlerocket are not affected.

    Customers using other operating systems are advised to refer to information provided by the OS vendor to address any concerns originating from this reported issue.

    Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.