Amazon Linux 2 Security Advisory: ALAS2KERNEL-5.15-2026-099
Advisory Released Date: 2026-03-19
Advisory Updated Date: 2026-03-19
FAQs regarding Amazon Linux ALAS/CVE Severity
In the Linux kernel, the following vulnerability has been resolved:
drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED (CVE-2022-50390)
In the Linux kernel, the following vulnerability has been resolved:
blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() (CVE-2023-53421)
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} (CVE-2023-53662)
In the Linux kernel, the following vulnerability has been resolved:
bpf: Reject narrower access to pointer ctx fields (CVE-2025-38591)
In the Linux kernel, the following vulnerability has been resolved:
team: Move team device type change at the end of team_port_add (CVE-2025-68340)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix racy bitfield write in btrfs_clear_space_info_full() (CVE-2025-68358)
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Initialize allocated memory before use (CVE-2025-68365)
In the Linux kernel, the following vulnerability has been resolved:
bpf: Do not let BPF test infra emit invalid GSO types to stack (CVE-2025-68725)
In the Linux kernel, the following vulnerability has been resolved:
iommu: disable SVA when CONFIG_X86 is set (CVE-2025-71089)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (CVE-2025-71194)
In the Linux kernel, the following vulnerability has been resolved:
net/sched: sch_qfq: do not free existing class in qfq_change_class() (CVE-2026-22999)
In the Linux kernel, the following vulnerability has been resolved:
macvlan: fix possible UAF in macvlan_forward_source() (CVE-2026-23001)
In the Linux kernel, the following vulnerability has been resolved:
ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() (CVE-2026-23003)
In the Linux kernel, the following vulnerability has been resolved:
ipv4: ip_gre: make ipgre_header() robust (CVE-2026-23011)
In the Linux kernel, the following vulnerability has been resolved:
pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() (CVE-2026-23038)
In the Linux kernel, the following vulnerability has been resolved:
crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (CVE-2026-23060)
In the Linux kernel, the following vulnerability has been resolved:
regmap: Fix race condition in hwspinlock irqsave routine (CVE-2026-23071)
In the Linux kernel, the following vulnerability has been resolved:
net/sched: Enforce that teql can only be used as root qdisc (CVE-2026-23074)
In the Linux kernel, the following vulnerability has been resolved:
fou: Don't allow 0 for FOU_ATTR_IPPROTO. (CVE-2026-23083)
In the Linux kernel, the following vulnerability has been resolved:
irqchip/gic-v3-its: Avoid truncating memory addresses (CVE-2026-23085)
In the Linux kernel, the following vulnerability has been resolved:
gue: Fix skb memleak with inner IP protocol 0. (CVE-2026-23095)
In the Linux kernel, the following vulnerability has been resolved:
migrate: correct lock ordering for hugetlb file folios (CVE-2026-23097)
In the Linux kernel, the following vulnerability has been resolved:
bonding: limit BOND_MODE_8023AD to Ethernet devices (CVE-2026-23099)
In the Linux kernel, the following vulnerability has been resolved:
ipvlan: Make the addrs_lock be per port (CVE-2026-23103)
In the Linux kernel, the following vulnerability has been resolved:
net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (CVE-2026-23105)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (CVE-2026-23111)
In the Linux kernel, the following vulnerability has been resolved:
bonding: provide a net pointer to __skb_flow_dissect() (CVE-2026-23119)
In the Linux kernel, the following vulnerability has been resolved:
ipv6: annotate data-race in ndisc_router_discovery() (CVE-2026-23124)
In the Linux kernel, the following vulnerability has been resolved:
sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT (CVE-2026-23125)
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (CVE-2026-23145)
In the Linux kernel, the following vulnerability has been resolved:
mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() (CVE-2026-23169)
In the Linux kernel, the following vulnerability has been resolved:
KVM: Don't clobber irqfd routing type when deassigning irqfd (CVE-2026-23198)
In the Linux kernel, the following vulnerability has been resolved:
macvlan: fix error recovery in macvlan_common_newlink() (CVE-2026-23209)
In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix use-after-free in driver_override_show() The driver_override_show() function reads the driver_override string without holding the device_lock. However, driver_override_store() uses driver_set_override(), which modifies and frees the string while holding the device_lock. This can result in a concurrent use-after-free if the string is freed by the store function while being read by the show function. Fix this by holding the device_lock around the read operation. (CVE-2026-23221)
Affected Packages:
kernel
Note:
This advisory is applicable to Amazon Linux 2 - Kernel-5.15 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update kernel or yum update --advisory ALAS2KERNEL-5.15-2026-099 to update your system.
System reboot is required in order to complete this update.
aarch64:
kernel-5.15.202-141.223.amzn2.aarch64
kernel-headers-5.15.202-141.223.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.15.202-141.223.amzn2.aarch64
perf-5.15.202-141.223.amzn2.aarch64
perf-debuginfo-5.15.202-141.223.amzn2.aarch64
python-perf-5.15.202-141.223.amzn2.aarch64
python-perf-debuginfo-5.15.202-141.223.amzn2.aarch64
kernel-tools-5.15.202-141.223.amzn2.aarch64
kernel-tools-devel-5.15.202-141.223.amzn2.aarch64
kernel-tools-debuginfo-5.15.202-141.223.amzn2.aarch64
bpftool-5.15.202-141.223.amzn2.aarch64
bpftool-debuginfo-5.15.202-141.223.amzn2.aarch64
kernel-devel-5.15.202-141.223.amzn2.aarch64
kernel-debuginfo-5.15.202-141.223.amzn2.aarch64
kernel-livepatch-5.15.202-141.223-1.0-0.amzn2.aarch64
i686:
kernel-headers-5.15.202-141.223.amzn2.i686
src:
kernel-5.15.202-141.223.amzn2.src
x86_64:
kernel-5.15.202-141.223.amzn2.x86_64
kernel-headers-5.15.202-141.223.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.15.202-141.223.amzn2.x86_64
perf-5.15.202-141.223.amzn2.x86_64
perf-debuginfo-5.15.202-141.223.amzn2.x86_64
python-perf-5.15.202-141.223.amzn2.x86_64
python-perf-debuginfo-5.15.202-141.223.amzn2.x86_64
kernel-tools-5.15.202-141.223.amzn2.x86_64
kernel-tools-devel-5.15.202-141.223.amzn2.x86_64
kernel-tools-debuginfo-5.15.202-141.223.amzn2.x86_64
bpftool-5.15.202-141.223.amzn2.x86_64
bpftool-debuginfo-5.15.202-141.223.amzn2.x86_64
kernel-devel-5.15.202-141.223.amzn2.x86_64
kernel-debuginfo-5.15.202-141.223.amzn2.x86_64
kernel-livepatch-5.15.202-141.223-1.0-0.amzn2.x86_64