ALAS2KERNEL-5.4-2025-114

Amazon Linux 2 Security Advisory: ALAS2KERNEL-5.4-2025-114
Advisory Released Date: 2025-11-10
Advisory Updated Date: 2025-11-10
Severity: Important
Issue Overview:

In the Linux kernel, the following vulnerability has been resolved:

fs: dlm: fix invalid derefence of sb_lvbptr (CVE-2022-50516)

In the Linux kernel, the following vulnerability has been resolved:

scsi: target: target_core_configfs: Add length check to avoid buffer overflow (CVE-2025-39998)

In the Linux kernel, the following vulnerability has been resolved:

scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (CVE-2025-40001)

In the Linux kernel, the following vulnerability has been resolved:

ipvs: Defer ip_vs_ftp unregister during netns cleanup (CVE-2025-40018)

In the Linux kernel, the following vulnerability has been resolved:

crypto: essiv - Check ssize for decryption and in-place encryption (CVE-2025-40019)

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O (CVE-2025-40026)

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: check the return value of pinmux_ops::get_function_name() (CVE-2025-40030)

In the Linux kernel, the following vulnerability has been resolved:

Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (CVE-2025-40035)

In the Linux kernel, the following vulnerability has been resolved:

tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (CVE-2025-40042)

In the Linux kernel, the following vulnerability has been resolved:

fs: udf: fix OOB read in lengthAllocDescs handling (CVE-2025-40044)

In the Linux kernel, the following vulnerability has been resolved:

uio_hv_generic: Let userspace take care of interrupt mask (CVE-2025-40048)

In the Linux kernel, the following vulnerability has been resolved:

Squashfs: fix uninit-value in squashfs_get_parent (CVE-2025-40049)

In the Linux kernel, the following vulnerability has been resolved:

pps: fix warning in pps_register_cdev when register device fail (CVE-2025-40070)

In the Linux kernel, the following vulnerability has been resolved:

bpf: Explicitly check accesses to bpf_sock_addr (CVE-2025-40078)

In the Linux kernel, the following vulnerability has been resolved:

perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (CVE-2025-40081)

In the Linux kernel, the following vulnerability has been resolved:

NFSD: Define a proc_layoutcommit for the FlexFiles layout type (CVE-2025-40087)

In the Linux kernel, the following vulnerability has been resolved:

hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() (CVE-2025-40088)

In the Linux kernel, the following vulnerability has been resolved:

vfs: Don't leak disconnected dentries on umount (CVE-2025-40105)

In the Linux kernel, the following vulnerability has been resolved:

scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() (CVE-2025-40115)

In the Linux kernel, the following vulnerability has been resolved:

blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx (CVE-2025-40125)

In the Linux kernel, the following vulnerability has been resolved:

dm: fix NULL pointer dereference in __dm_suspend() (CVE-2025-40134)

In the Linux kernel, the following vulnerability has been resolved:

net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (CVE-2025-40140)

In the Linux kernel, the following vulnerability has been resolved:

mm: hugetlb: avoid soft lockup when mprotect to large memory area (CVE-2025-40153)

In the Linux kernel, the following vulnerability has been resolved:

ext4: detect invalid INLINE_DATA + EXTENTS flag combination (CVE-2025-40167)

In the Linux kernel, the following vulnerability has been resolved:

net/ip6_tunnel: Prevent perpetual tunnel growth (CVE-2025-40173)

In the Linux kernel, the following vulnerability has been resolved:

pid: Add a judgment for ns null in pid_nr_ns (CVE-2025-40178)

In the Linux kernel, the following vulnerability has been resolved:

net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (CVE-2025-40187)

In the Linux kernel, the following vulnerability has been resolved:

ext4: guard against EA inode refcount underflow in xattr update (CVE-2025-40190)

In the Linux kernel, the following vulnerability has been resolved:

cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (CVE-2025-40194)

In the Linux kernel, the following vulnerability has been resolved:

ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() (CVE-2025-40198)

In the Linux kernel, the following vulnerability has been resolved:

Squashfs: reject negative file sizes in squashfs_read_inode() (CVE-2025-40200)

In the Linux kernel, the following vulnerability has been resolved:

sctp: Fix MAC comparison to be constant-time (CVE-2025-40204)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (CVE-2025-40205)


Affected Packages:

kernel


Note:

This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.


Issue Correction:
Run yum update kernel or yum update --advisory ALAS2KERNEL-5.4-2025-114 to update your system.
System reboot is required in order to complete this update.

New Packages:
aarch64:
    kernel-5.4.301-221.445.amzn2.aarch64
    kernel-headers-5.4.301-221.445.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.4.301-221.445.amzn2.aarch64
    perf-5.4.301-221.445.amzn2.aarch64
    perf-debuginfo-5.4.301-221.445.amzn2.aarch64
    python-perf-5.4.301-221.445.amzn2.aarch64
    python-perf-debuginfo-5.4.301-221.445.amzn2.aarch64
    kernel-tools-5.4.301-221.445.amzn2.aarch64
    kernel-tools-devel-5.4.301-221.445.amzn2.aarch64
    kernel-tools-debuginfo-5.4.301-221.445.amzn2.aarch64
    bpftool-5.4.301-221.445.amzn2.aarch64
    bpftool-debuginfo-5.4.301-221.445.amzn2.aarch64
    kernel-devel-5.4.301-221.445.amzn2.aarch64
    kernel-debuginfo-5.4.301-221.445.amzn2.aarch64

i686:
    kernel-headers-5.4.301-221.445.amzn2.i686

src:
    kernel-5.4.301-221.445.amzn2.src

x86_64:
    kernel-5.4.301-221.445.amzn2.x86_64
    kernel-headers-5.4.301-221.445.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.4.301-221.445.amzn2.x86_64
    perf-5.4.301-221.445.amzn2.x86_64
    perf-debuginfo-5.4.301-221.445.amzn2.x86_64
    python-perf-5.4.301-221.445.amzn2.x86_64
    python-perf-debuginfo-5.4.301-221.445.amzn2.x86_64
    kernel-tools-5.4.301-221.445.amzn2.x86_64
    kernel-tools-devel-5.4.301-221.445.amzn2.x86_64
    kernel-tools-debuginfo-5.4.301-221.445.amzn2.x86_64
    bpftool-5.4.301-221.445.amzn2.x86_64
    bpftool-debuginfo-5.4.301-221.445.amzn2.x86_64
    kernel-devel-5.4.301-221.445.amzn2.x86_64
    kernel-debuginfo-5.4.301-221.445.amzn2.x86_64

Additional References

Release Notes:  Amazon Linux 2 Release Notes

Red Hat: CVE-2022-50516, CVE-2025-39998, CVE-2025-40001, CVE-2025-40018, CVE-2025-40019, CVE-2025-40026, CVE-2025-40030, CVE-2025-40035, CVE-2025-40042, CVE-2025-40044, CVE-2025-40048, CVE-2025-40049, CVE-2025-40070, CVE-2025-40078, CVE-2025-40081, CVE-2025-40087, CVE-2025-40088, CVE-2025-40105, CVE-2025-40115, CVE-2025-40125, CVE-2025-40134, CVE-2025-40140, CVE-2025-40153, CVE-2025-40167, CVE-2025-40173, CVE-2025-40178, CVE-2025-40187, CVE-2025-40190, CVE-2025-40194, CVE-2025-40198, CVE-2025-40200, CVE-2025-40204, CVE-2025-40205

Mitre: CVE-2022-50516, CVE-2025-39998, CVE-2025-40001, CVE-2025-40018, CVE-2025-40019, CVE-2025-40026, CVE-2025-40030, CVE-2025-40035, CVE-2025-40042, CVE-2025-40044, CVE-2025-40048, CVE-2025-40049, CVE-2025-40070, CVE-2025-40078, CVE-2025-40081, CVE-2025-40087, CVE-2025-40088, CVE-2025-40105, CVE-2025-40115, CVE-2025-40125, CVE-2025-40134, CVE-2025-40140, CVE-2025-40153, CVE-2025-40167, CVE-2025-40173, CVE-2025-40178, CVE-2025-40187, CVE-2025-40190, CVE-2025-40194, CVE-2025-40198, CVE-2025-40200, CVE-2025-40204, CVE-2025-40205