Amazon Linux 2 Security Advisory: ALAS2KERNEL-5.10-2024-071
Advisory Released Date: 2024-10-02
Advisory Updated Date: 2025-10-02
FAQs regarding Amazon Linux ALAS/CVE Severity
In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: don't allow mapping the MMIO HDP page with large pages (CVE-2024-41011)
In the Linux kernel, the following vulnerability has been resolved:
ata: libata-core: Fix null pointer dereference on error (CVE-2024-41098)
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (CVE-2024-42228)
In the Linux kernel, the following vulnerability has been resolved:
cgroup/cpuset: Prevent UAF in proc_cpuset_show() (CVE-2024-43853)
In the Linux kernel, the following vulnerability has been resolved:
fuse: Initialize beyond-EOF page contents before setting uptodate (CVE-2024-44947)
In the Linux kernel, the following vulnerability has been resolved:
bonding: fix xfrm real_dev null pointer dereference (CVE-2024-44989)
In the Linux kernel, the following vulnerability has been resolved:
bonding: fix null pointer deref in bond_ipsec_offload_ok (CVE-2024-44990)
In the Linux kernel, the following vulnerability has been resolved:
xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (CVE-2024-45006)
In the Linux kernel, the following vulnerability has been resolved:
Input: MT - limit max slots (CVE-2024-45008)
In the Linux kernel, the following vulnerability has been resolved:
netem: fix return value if duplicate enqueue fails (CVE-2024-45016)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: flowtable: initialise extack before use (CVE-2024-45018)
In the Linux kernel, the following vulnerability has been resolved:
memcg_write_event_control(): fix a user-triggerable oops (CVE-2024-45021)
In the Linux kernel, the following vulnerability has been resolved:
ethtool: check device is present when getting link settings (CVE-2024-46679)
In the Linux kernel, the following vulnerability has been resolved:
soc: qcom: cmd-db: Map shared memory as WC, not WB (CVE-2024-46689)
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 (CVE-2024-46707)
In the Linux kernel, the following vulnerability has been resolved:
fou: Fix null-ptr-deref in GRO. (CVE-2024-46763)
Affected Packages:
kernel
Note:
This advisory is applicable to Amazon Linux 2 - Kernel-5.10 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update kernel or yum update --advisory ALAS2KERNEL-5.10-2024-071 to update your system.
System reboot is required in order to complete this update.
aarch64:
kernel-5.10.225-213.878.amzn2.aarch64
kernel-headers-5.10.225-213.878.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.10.225-213.878.amzn2.aarch64
perf-5.10.225-213.878.amzn2.aarch64
perf-debuginfo-5.10.225-213.878.amzn2.aarch64
python-perf-5.10.225-213.878.amzn2.aarch64
python-perf-debuginfo-5.10.225-213.878.amzn2.aarch64
kernel-tools-5.10.225-213.878.amzn2.aarch64
kernel-tools-devel-5.10.225-213.878.amzn2.aarch64
kernel-tools-debuginfo-5.10.225-213.878.amzn2.aarch64
bpftool-5.10.225-213.878.amzn2.aarch64
bpftool-debuginfo-5.10.225-213.878.amzn2.aarch64
kernel-devel-5.10.225-213.878.amzn2.aarch64
kernel-debuginfo-5.10.225-213.878.amzn2.aarch64
kernel-livepatch-5.10.225-213.878-1.0-0.amzn2.aarch64
i686:
kernel-headers-5.10.225-213.878.amzn2.i686
src:
kernel-5.10.225-213.878.amzn2.src
x86_64:
kernel-5.10.225-213.878.amzn2.x86_64
kernel-headers-5.10.225-213.878.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.10.225-213.878.amzn2.x86_64
perf-5.10.225-213.878.amzn2.x86_64
perf-debuginfo-5.10.225-213.878.amzn2.x86_64
python-perf-5.10.225-213.878.amzn2.x86_64
python-perf-debuginfo-5.10.225-213.878.amzn2.x86_64
kernel-tools-5.10.225-213.878.amzn2.x86_64
kernel-tools-devel-5.10.225-213.878.amzn2.x86_64
kernel-tools-debuginfo-5.10.225-213.878.amzn2.x86_64
bpftool-5.10.225-213.878.amzn2.x86_64
bpftool-debuginfo-5.10.225-213.878.amzn2.x86_64
kernel-devel-5.10.225-213.878.amzn2.x86_64
kernel-debuginfo-5.10.225-213.878.amzn2.x86_64
kernel-livepatch-5.10.225-213.878-1.0-0.amzn2.x86_64
2025-10-02: CVE-2024-43853 was added to this advisory.
2025-10-02: CVE-2024-44947 was added to this advisory.
2025-10-02: CVE-2024-44989 was added to this advisory.
2025-10-02: CVE-2024-45021 was added to this advisory.
2025-10-02: CVE-2024-45006 was added to this advisory.
2025-10-02: CVE-2024-45008 was added to this advisory.
2025-10-02: CVE-2024-44990 was added to this advisory.
2025-10-02: CVE-2024-45018 was added to this advisory.
2025-07-29: CVE-2024-45016 was added to this advisory.
2024-11-08: CVE-2024-42228 was added to this advisory.
2024-11-08: CVE-2024-41098 was added to this advisory.
2024-11-08: CVE-2024-41011 was added to this advisory.