AWS Security ChangesHomeSearch

AWS res high security documentation change

Service: res · 2025-07-19 · Security-related high

File: res/archive/release-minus-4/ug/res-troubleshooting-known-issues.md

Summary

Updated list of known issues, including fixes for AD group name regex failures, IAM permission boundary misconfigurations, invalid bastion host keys, LDAP injection vulnerabilities (CVE-2024-XXXX), and other operational bugs. Removed outdated issues and added detailed mitigation steps for security-related patches.

Security assessment

The changes document concrete security fixes: 1) LDAP injection vulnerability (CVE-2024-XXXX) requiring regex pattern updates to prevent query manipulation (high severity). 2) IAM permission boundaries not being attached to VDI roles, risking privilege escalation (medium severity). 3) Invalid private keys for bastion host access, which could enable unauthorized access if improperly formatted (low severity). These updates provide mitigation steps for security-critical issues.

Diff