Linux 2.6 Kernel Vulnerability in Certain EC2 AMIs
November 05, 2009
Update: This vulnerability is fixed in the latest version of Amazon Linux. The current Amazon Linux AMI IDs can be found here: http://aws.amazon.com/amazon-linux-ami/. For more information on security advisories specific to Amazon Linux, please visit the Amazon Linux AMI Security Center: http://aws.amazon.com/amazon-linux-ami/security-bulletins/.
A local privilege escalation vulnerability has been reported for most versions of the Linux 2.6 kernel. We are investigating and will update this bulletin with next steps.