Amazon Linux 2023 Security Advisory: ALAS-2025-823
Advisory Release Date: 2025-01-30 03:53 Pacific
Advisory Updated Date: 2025-02-26 19:34 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
In the Linux kernel, the following vulnerability has been resolved:
gpiolib: cdev: Fix use after free in lineinfo_changed_notify (CVE-2024-36899)
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix overloading of MEM_UNINIT's meaning (CVE-2024-50164)
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Add rough attr alloc_size check (CVE-2024-50246)
In the Linux kernel, the following vulnerability has been resolved:
scsi: sg: Fix slab-use-after-free read in sg_release() (CVE-2024-56631)
In the Linux kernel, the following vulnerability has been resolved:
block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (CVE-2025-21631)
In the Linux kernel, the following vulnerability has been resolved:
net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (CVE-2025-21653)
In the Linux kernel, the following vulnerability has been resolved:
io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period (CVE-2025-21655)
In the Linux kernel, the following vulnerability has been resolved:
zram: fix potential UAF of zram table (CVE-2025-21671)
Affected Packages:
kernel
Issue Correction:
Run dnf update kernel --releasever 2023.6.20250203 to update your system.
System reboot is required in order to complete this update.
aarch64:
kernel-tools-6.1.127-135.201.amzn2023.aarch64
perf-6.1.127-135.201.amzn2023.aarch64
bpftool-6.1.127-135.201.amzn2023.aarch64
python3-perf-debuginfo-6.1.127-135.201.amzn2023.aarch64
perf-debuginfo-6.1.127-135.201.amzn2023.aarch64
python3-perf-6.1.127-135.201.amzn2023.aarch64
kernel-tools-devel-6.1.127-135.201.amzn2023.aarch64
bpftool-debuginfo-6.1.127-135.201.amzn2023.aarch64
kernel-libbpf-devel-6.1.127-135.201.amzn2023.aarch64
kernel-headers-6.1.127-135.201.amzn2023.aarch64
kernel-libbpf-6.1.127-135.201.amzn2023.aarch64
kernel-modules-extra-common-6.1.127-135.201.amzn2023.aarch64
kernel-modules-extra-6.1.127-135.201.amzn2023.aarch64
kernel-libbpf-static-6.1.127-135.201.amzn2023.aarch64
kernel-livepatch-6.1.127-135.201-1.0-0.amzn2023.aarch64
kernel-6.1.127-135.201.amzn2023.aarch64
kernel-tools-debuginfo-6.1.127-135.201.amzn2023.aarch64
kernel-debuginfo-6.1.127-135.201.amzn2023.aarch64
kernel-debuginfo-common-aarch64-6.1.127-135.201.amzn2023.aarch64
kernel-devel-6.1.127-135.201.amzn2023.aarch64
src:
kernel-6.1.127-135.201.amzn2023.src
x86_64:
kernel-tools-devel-6.1.127-135.201.amzn2023.x86_64
kernel-tools-6.1.127-135.201.amzn2023.x86_64
bpftool-6.1.127-135.201.amzn2023.x86_64
kernel-libbpf-static-6.1.127-135.201.amzn2023.x86_64
kernel-modules-extra-6.1.127-135.201.amzn2023.x86_64
bpftool-debuginfo-6.1.127-135.201.amzn2023.x86_64
python3-perf-debuginfo-6.1.127-135.201.amzn2023.x86_64
kernel-libbpf-6.1.127-135.201.amzn2023.x86_64
kernel-headers-6.1.127-135.201.amzn2023.x86_64
python3-perf-6.1.127-135.201.amzn2023.x86_64
kernel-modules-extra-common-6.1.127-135.201.amzn2023.x86_64
perf-6.1.127-135.201.amzn2023.x86_64
perf-debuginfo-6.1.127-135.201.amzn2023.x86_64
kernel-tools-debuginfo-6.1.127-135.201.amzn2023.x86_64
kernel-libbpf-devel-6.1.127-135.201.amzn2023.x86_64
kernel-livepatch-6.1.127-135.201-1.0-0.amzn2023.x86_64
kernel-debuginfo-6.1.127-135.201.amzn2023.x86_64
kernel-6.1.127-135.201.amzn2023.x86_64
kernel-debuginfo-common-x86_64-6.1.127-135.201.amzn2023.x86_64
kernel-devel-6.1.127-135.201.amzn2023.x86_64