Amazon Linux 2 Security Advisory: ALAS2-2025-3092
Advisory Released Date: 2025-12-08
Advisory Updated Date: 2025-12-08
Severity:
Important
Issue Overview:
Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, potentially resulting in the consumption of insufficiently random values. (CVE-2025-62626)
Affected Packages:
linux-firmware
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update linux-firmware or yum update --advisory ALAS2-2025-3092 to update your system.
System reboot is required in order to complete this update.
New Packages:
noarch:
linux-firmware-20200421-85.git78c0348.amzn2.noarch
amd-ucode-firmware-20200421-85.git78c0348.amzn2.noarch
iwl100-firmware-39.31.5.1-85.amzn2.noarch
iwl105-firmware-18.168.6.1-85.amzn2.noarch
iwl135-firmware-18.168.6.1-85.amzn2.noarch
iwl1000-firmware-39.31.5.1-85.amzn2.noarch
iwl2000-firmware-18.168.6.1-85.amzn2.noarch
iwl2030-firmware-18.168.6.1-85.amzn2.noarch
iwl3160-firmware-25.30.13.0-85.amzn2.noarch
iwl3945-firmware-15.32.2.9-85.amzn2.noarch
iwl4965-firmware-228.61.2.24-85.amzn2.noarch
iwl5000-firmware-8.83.5.1_1-85.amzn2.noarch
iwl5150-firmware-8.24.2.2-85.amzn2.noarch
iwl6000-firmware-9.221.4.1-85.amzn2.noarch
iwl6000g2a-firmware-18.168.6.1-85.amzn2.noarch
iwl6000g2b-firmware-18.168.6.1-85.amzn2.noarch
iwl6050-firmware-41.28.5.1-85.amzn2.noarch
iwl7260-firmware-25.30.13.0-85.amzn2.noarch
src:
linux-firmware-20200421-85.git78c0348.amzn2.src