Amazon Linux 2 Security Advisory: ALAS-2025-2826
Advisory Release Date: 2025-04-09 19:45 Pacific
Advisory Updated Date: 2025-04-16 12:29 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
In the Linux kernel, the following vulnerability has been resolved:
block, bfq: don't move oom_bfqq (CVE-2022-49179)
In the Linux kernel, the following vulnerability has been resolved:
macsec: fix UAF bug for real_dev (CVE-2022-49390)
In the Linux kernel, the following vulnerability has been resolved:
block: Fix handling of offline queues in blk_mq_alloc_request_hctx() (CVE-2022-49720)
In the Linux kernel, the following vulnerability has been resolved:
ext4: aovid use-after-free in ext4_ext_insert_extent() (CVE-2024-49883)
In the Linux kernel, the following vulnerability has been resolved:
slip: make slhc_remember() more robust against malicious packets (CVE-2024-50033)
In the Linux kernel, the following vulnerability has been resolved:
net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (CVE-2024-53057)
In the Linux kernel, the following vulnerability has been resolved:
hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (CVE-2024-53103)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: x_tables: fix LED ID check in led_tg_check() (CVE-2024-56650)
In the Linux kernel, the following vulnerability has been resolved:
net: defer final 'struct net' free in netns dismantle (CVE-2024-56658)
In the Linux kernel, the following vulnerability has been resolved:
pps: Fix a use-after-free (CVE-2024-57979)
In the Linux kernel, the following vulnerability has been resolved:
nbd: don't allow reconnect after disconnect (CVE-2025-21731)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix use-after-free when attempting to join an aborted transaction (CVE-2025-21753)
In the Linux kernel, the following vulnerability has been resolved:
ndisc: extend RCU protection in ndisc_send_skb() (CVE-2025-21760)
In the Linux kernel, the following vulnerability has been resolved:
arp: use RCU protection in arp_xmit() (CVE-2025-21762)
In the Linux kernel, the following vulnerability has been resolved:
ndisc: use RCU protection in ndisc_alloc_skb() (CVE-2025-21764)
Affected Packages:
kernel
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update kernel to update your system.
System reboot is required in order to complete this update.
aarch64:
kernel-4.14.355-276.618.amzn2.aarch64
kernel-headers-4.14.355-276.618.amzn2.aarch64
kernel-debuginfo-common-aarch64-4.14.355-276.618.amzn2.aarch64
perf-4.14.355-276.618.amzn2.aarch64
perf-debuginfo-4.14.355-276.618.amzn2.aarch64
python-perf-4.14.355-276.618.amzn2.aarch64
python-perf-debuginfo-4.14.355-276.618.amzn2.aarch64
kernel-tools-4.14.355-276.618.amzn2.aarch64
kernel-tools-devel-4.14.355-276.618.amzn2.aarch64
kernel-tools-debuginfo-4.14.355-276.618.amzn2.aarch64
kernel-devel-4.14.355-276.618.amzn2.aarch64
kernel-debuginfo-4.14.355-276.618.amzn2.aarch64
i686:
kernel-headers-4.14.355-276.618.amzn2.i686
src:
kernel-4.14.355-276.618.amzn2.src
x86_64:
kernel-4.14.355-276.618.amzn2.x86_64
kernel-headers-4.14.355-276.618.amzn2.x86_64
kernel-debuginfo-common-x86_64-4.14.355-276.618.amzn2.x86_64
perf-4.14.355-276.618.amzn2.x86_64
perf-debuginfo-4.14.355-276.618.amzn2.x86_64
python-perf-4.14.355-276.618.amzn2.x86_64
python-perf-debuginfo-4.14.355-276.618.amzn2.x86_64
kernel-tools-4.14.355-276.618.amzn2.x86_64
kernel-tools-devel-4.14.355-276.618.amzn2.x86_64
kernel-tools-debuginfo-4.14.355-276.618.amzn2.x86_64
kernel-devel-4.14.355-276.618.amzn2.x86_64
kernel-debuginfo-4.14.355-276.618.amzn2.x86_64
kernel-livepatch-4.14.355-276.618-1.0-0.amzn2.x86_64