Amazon Linux 2 Security Advisory: ALAS2KERNEL-5.4-2023-047
Advisory Released Date: 2023-06-28
Advisory Updated Date: 2026-02-11
FAQs regarding Amazon Linux ALAS/CVE Severity
A flaw was found in the x86 KVM subsystem in kvm_steal_time_set_preempted in arch/x86/kvm/x86.c in the Linux kernel. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations. (CVE-2022-39189)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() (CVE-2022-50067)
There is a potential deadlock in the eBPF subsystem in the Linux kernel.
The default sysctl configuration "kernel.unprivileged_bpf_disabled" on Amazon Linux does not allow unprivileged users to use eBPF. (CVE-2023-0160)
A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. (CVE-2023-2269)
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.
The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.
We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e. (CVE-2023-3090)
A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag(). (CVE-2023-3111)
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. (CVE-2023-3141)
An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information. (CVE-2023-3268)
An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. (CVE-2023-34256)
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. In this flaw an attacker with local user access may lead to a system crash or a leak of internal kernel information. (CVE-2023-3567)
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation. (CVE-2023-35788)
In the Linux kernel, the following vulnerability has been resolved:
serial: 8250: Reinit port->pm on port specific driver unbind (CVE-2023-53176)
In the Linux kernel, the following vulnerability has been resolved:
ACPICA: Avoid undefined behavior: applying zero offset to null pointer (CVE-2023-53182)
In the Linux kernel, the following vulnerability has been resolved:
ext4: add bounds checking in get_max_inline_xattr_value_size() (CVE-2023-53285)
In the Linux kernel, the following vulnerability has been resolved:
md/raid10: fix leak of 'r10bio->remaining' for recovery (CVE-2023-53299)
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix WARNING in mb_find_extent (CVE-2023-53317)
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: do not write dirty data after degenerating to read-only (CVE-2023-53337)
In the Linux kernel, the following vulnerability has been resolved:
net: add vlan_get_protocol_and_depth() helper (CVE-2023-53433)
In the Linux kernel, the following vulnerability has been resolved:
ext4: remove a BUG_ON in ext4_mb_release_group_pa() (CVE-2023-53450)
In the Linux kernel, the following vulnerability has been resolved:
lib: cpu_rmap: Avoid use after free on rmap->obj array entries (CVE-2023-53484)
In the Linux kernel, the following vulnerability has been resolved:
tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. (CVE-2023-53489)
In the Linux kernel, the following vulnerability has been resolved:
spi: qup: Don't skip cleanup in remove's error path (CVE-2023-53567)
In the Linux kernel, the following vulnerability has been resolved:
ext2: Check block size validity during mount (CVE-2023-53569)
In the Linux kernel, the following vulnerability has been resolved:
ring-buffer: Sync IRQ works before buffer destruction (CVE-2023-53587)
In the Linux kernel, the following vulnerability has been resolved:
dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (CVE-2023-53604)
In the Linux kernel, the following vulnerability has been resolved:
net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize (CVE-2023-53667)
In the Linux kernel, the following vulnerability has been resolved:
fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode() (CVE-2023-53683)
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline (CVE-2023-53692)
In the Linux kernel, the following vulnerability has been resolved:
ipv6: Fix out-of-bounds access in ipv6_find_tlv() (CVE-2023-53705)
In the Linux kernel, the following vulnerability has been resolved:
serial: arc_uart: fix of_iomap leak in `arc_serial_probe` (CVE-2023-53719)
In the Linux kernel, the following vulnerability has been resolved:
vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF (CVE-2023-53747)
In the Linux kernel, the following vulnerability has been resolved:
scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() (CVE-2023-53754)
In the Linux kernel, the following vulnerability has been resolved:
USB: usbtmc: Fix direction for 0-length ioctl control messages (CVE-2023-53761)
In the Linux kernel, the following vulnerability has been resolved:
dm flakey: fix a crash with invalid table line (CVE-2023-53786)
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() (CVE-2023-53804)
In the Linux kernel, the following vulnerability has been resolved:
md/raid10: fix null-ptr-deref in raid10_sync_request (CVE-2023-53832)
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix infinite loop in nilfs_mdt_get_block() (CVE-2023-53845)
In the Linux kernel, the following vulnerability has been resolved:
netlink: annotate accesses to nlk->cb_running (CVE-2023-53853)
In the Linux kernel, the following vulnerability has been resolved:
udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated(). (CVE-2023-54004)
In the Linux kernel, the following vulnerability has been resolved:
vmci_host: fix a race condition in vmci_host_poll() causing GPF (CVE-2023-54007)
In the Linux kernel, the following vulnerability has been resolved:
net: fix stack overflow when LRO is disabled for virtual interfaces (CVE-2023-54012)
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device (CVE-2023-54015)
In the Linux kernel, the following vulnerability has been resolved:
ext4: set goal start correctly in ext4_mb_normalize_request (CVE-2023-54021)
In the Linux kernel, the following vulnerability has been resolved:
spmi: Add a check for remove callback when removing a SPMI driver (CVE-2023-54044)
In the Linux kernel, the following vulnerability has been resolved:
kheaders: Use array declaration instead of char (CVE-2023-54056)
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix invalid free tracking in ext4_xattr_move_to_block() (CVE-2023-54062)
In the Linux kernel, the following vulnerability has been resolved:
scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow (CVE-2023-54102)
In the Linux kernel, the following vulnerability has been resolved:
net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (CVE-2023-54114)
In the Linux kernel, the following vulnerability has been resolved:
inotify: Avoid reporting event with invalid wd (CVE-2023-54119)
In the Linux kernel, the following vulnerability has been resolved:
md/raid10: fix memleak for 'conf->bio_split' (CVE-2023-54123)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: don't free qgroup space unless specified (CVE-2023-54158)
In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_sdei: Fix sleep from invalid context BUG (CVE-2023-54160)
In the Linux kernel, the following vulnerability has been resolved:
RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() (CVE-2023-54168)
In the Linux kernel, the following vulnerability has been resolved:
scsi: target: iscsit: Free cmds before session free (CVE-2023-54184)
In the Linux kernel, the following vulnerability has been resolved:
net/sched: cls_api: remove block_cb from driver_list before freeing (CVE-2023-54193)
In the Linux kernel, the following vulnerability has been resolved:
USB: sisusbvga: Add endpoint checks (CVE-2023-54213)
In the Linux kernel, the following vulnerability has been resolved:
net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs(). (CVE-2023-54218)
In the Linux kernel, the following vulnerability has been resolved:
af_unix: Fix data races around sk->sk_shutdown. (CVE-2023-54226)
In the Linux kernel, the following vulnerability has been resolved:
ACPI: EC: Fix oops when removing custom query handlers (CVE-2023-54244)
In the Linux kernel, the following vulnerability has been resolved:
debugobjects: Don't wake up kswapd from fill_pool() (CVE-2023-54268)
In the Linux kernel, the following vulnerability has been resolved:
md/raid10: fix memleak of md thread (CVE-2023-54294)
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix deadlock when converting an inline directory in nojournal mode (CVE-2023-54311)
A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free. (CVE-2024-0775)
Affected Packages:
kernel
Note:
This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update kernel or yum update --advisory ALAS2KERNEL-5.4-2023-047 to update your system.
aarch64:
kernel-5.4.247-161.349.amzn2.aarch64
kernel-headers-5.4.247-161.349.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.4.247-161.349.amzn2.aarch64
perf-5.4.247-161.349.amzn2.aarch64
perf-debuginfo-5.4.247-161.349.amzn2.aarch64
python-perf-5.4.247-161.349.amzn2.aarch64
python-perf-debuginfo-5.4.247-161.349.amzn2.aarch64
kernel-tools-5.4.247-161.349.amzn2.aarch64
kernel-tools-devel-5.4.247-161.349.amzn2.aarch64
kernel-tools-debuginfo-5.4.247-161.349.amzn2.aarch64
bpftool-5.4.247-161.349.amzn2.aarch64
bpftool-debuginfo-5.4.247-161.349.amzn2.aarch64
kernel-devel-5.4.247-161.349.amzn2.aarch64
kernel-debuginfo-5.4.247-161.349.amzn2.aarch64
i686:
kernel-headers-5.4.247-161.349.amzn2.i686
src:
kernel-5.4.247-161.349.amzn2.src
x86_64:
kernel-5.4.247-161.349.amzn2.x86_64
kernel-headers-5.4.247-161.349.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.4.247-161.349.amzn2.x86_64
perf-5.4.247-161.349.amzn2.x86_64
perf-debuginfo-5.4.247-161.349.amzn2.x86_64
python-perf-5.4.247-161.349.amzn2.x86_64
python-perf-debuginfo-5.4.247-161.349.amzn2.x86_64
kernel-tools-5.4.247-161.349.amzn2.x86_64
kernel-tools-devel-5.4.247-161.349.amzn2.x86_64
kernel-tools-debuginfo-5.4.247-161.349.amzn2.x86_64
bpftool-5.4.247-161.349.amzn2.x86_64
bpftool-debuginfo-5.4.247-161.349.amzn2.x86_64
kernel-devel-5.4.247-161.349.amzn2.x86_64
kernel-debuginfo-5.4.247-161.349.amzn2.x86_64
2026-02-11: CVE-2023-54158 was added to this advisory.
2026-02-08: CVE-2023-54218 was added to this advisory.
2026-02-08: CVE-2023-54268 was added to this advisory.
2026-02-08: CVE-2023-54012 was added to this advisory.
2026-02-08: CVE-2023-54114 was added to this advisory.
2026-02-08: CVE-2023-54213 was added to this advisory.
2026-02-08: CVE-2023-54226 was added to this advisory.
2026-02-08: CVE-2023-54294 was added to this advisory.
2026-02-08: CVE-2023-54168 was added to this advisory.
2026-02-08: CVE-2023-54244 was added to this advisory.
2026-02-08: CVE-2023-54015 was added to this advisory.
2026-02-08: CVE-2023-54007 was added to this advisory.
2026-02-08: CVE-2023-54056 was added to this advisory.
2026-02-08: CVE-2023-54102 was added to this advisory.
2026-02-08: CVE-2023-54193 was added to this advisory.
2026-02-08: CVE-2023-54311 was added to this advisory.
2026-02-08: CVE-2023-54021 was added to this advisory.
2026-02-08: CVE-2023-54184 was added to this advisory.
2026-02-08: CVE-2023-54044 was added to this advisory.
2026-02-08: CVE-2023-54004 was added to this advisory.
2026-02-08: CVE-2023-54119 was added to this advisory.
2026-02-08: CVE-2023-54160 was added to this advisory.
2026-02-08: CVE-2023-54062 was added to this advisory.
2026-02-08: CVE-2023-54123 was added to this advisory.
2025-12-19: CVE-2023-53832 was added to this advisory.
2025-12-19: CVE-2023-53804 was added to this advisory.
2025-12-19: CVE-2023-53761 was added to this advisory.
2025-12-19: CVE-2023-53754 was added to this advisory.
2025-12-19: CVE-2023-53786 was added to this advisory.
2025-12-19: CVE-2023-53853 was added to this advisory.
2025-12-19: CVE-2023-53747 was added to this advisory.
2025-12-19: CVE-2023-53845 was added to this advisory.
2025-10-30: CVE-2023-53692 was added to this advisory.
2025-10-30: CVE-2023-53705 was added to this advisory.
2025-10-30: CVE-2023-53719 was added to this advisory.
2025-10-18: CVE-2023-53604 was added to this advisory.
2025-10-18: CVE-2023-53587 was added to this advisory.
2025-10-18: CVE-2023-53489 was added to this advisory.
2025-10-18: CVE-2023-53683 was added to this advisory.
2025-10-18: CVE-2023-53567 was added to this advisory.
2025-10-18: CVE-2023-53569 was added to this advisory.
2025-10-18: CVE-2023-53667 was added to this advisory.
2025-10-08: CVE-2023-53484 was added to this advisory.
2025-10-08: CVE-2023-53450 was added to this advisory.
2025-10-02: CVE-2023-53337 was added to this advisory.
2025-10-02: CVE-2023-53433 was added to this advisory.
2025-10-02: CVE-2023-53176 was added to this advisory.
2025-10-02: CVE-2023-53182 was added to this advisory.
2025-09-22: CVE-2023-53317 was added to this advisory.
2025-09-22: CVE-2023-53299 was added to this advisory.
2025-09-22: CVE-2023-53285 was added to this advisory.
2025-07-29: CVE-2022-50067 was added to this advisory.
2024-07-03: CVE-2023-0160 was added to this advisory.
2024-02-01: CVE-2024-0775 was added to this advisory.
2023-09-27: CVE-2023-3567 was added to this advisory.