Amazon Linux 2 Security Advisory: ALAS2KERNEL-5.10-2025-098
Advisory Released Date: 2025-07-30
Advisory Updated Date: 2025-07-30
FAQs regarding Amazon Linux ALAS/CVE Severity
In the Linux kernel, the following vulnerability has been resolved:
netfilter: flowtable: fix stuck flows on cleanup due to pending work (CVE-2022-50000)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_socket: fix sk refcount leaks (CVE-2024-46855)
In the Linux kernel, the following vulnerability has been resolved:
mm: hugetlb: independent PMD page table shared count (CVE-2024-57883)
In the Linux kernel, the following vulnerability has been resolved:
net_sched: sch_sfq: don't allow 1 packet limit (CVE-2024-57996)
In the Linux kernel, the following vulnerability has been resolved:
mm/huge_memory: fix dereferencing invalid pmd migration entry (CVE-2025-37958)
In the Linux kernel, the following vulnerability has been resolved:
arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (CVE-2025-37963)
In the Linux kernel, the following vulnerability has been resolved:
mm/hugetlb: unshare page tables during VMA split, not before (CVE-2025-38084)
In the Linux kernel, the following vulnerability has been resolved:
RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (CVE-2025-38161)
Affected Packages:
kernel
Note:
This advisory is applicable to Amazon Linux 2 - Kernel-5.10 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update kernel to update your system.
System reboot is required in order to complete this update.
aarch64:
kernel-5.10.239-236.958.amzn2.aarch64
kernel-headers-5.10.239-236.958.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.10.239-236.958.amzn2.aarch64
perf-5.10.239-236.958.amzn2.aarch64
perf-debuginfo-5.10.239-236.958.amzn2.aarch64
python-perf-5.10.239-236.958.amzn2.aarch64
python-perf-debuginfo-5.10.239-236.958.amzn2.aarch64
kernel-tools-5.10.239-236.958.amzn2.aarch64
kernel-tools-devel-5.10.239-236.958.amzn2.aarch64
kernel-tools-debuginfo-5.10.239-236.958.amzn2.aarch64
bpftool-5.10.239-236.958.amzn2.aarch64
bpftool-debuginfo-5.10.239-236.958.amzn2.aarch64
kernel-devel-5.10.239-236.958.amzn2.aarch64
kernel-debuginfo-5.10.239-236.958.amzn2.aarch64
kernel-livepatch-5.10.239-236.958-1.0-0.amzn2.aarch64
i686:
kernel-headers-5.10.239-236.958.amzn2.i686
src:
kernel-5.10.239-236.958.amzn2.src
x86_64:
kernel-5.10.239-236.958.amzn2.x86_64
kernel-headers-5.10.239-236.958.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.10.239-236.958.amzn2.x86_64
perf-5.10.239-236.958.amzn2.x86_64
perf-debuginfo-5.10.239-236.958.amzn2.x86_64
python-perf-5.10.239-236.958.amzn2.x86_64
python-perf-debuginfo-5.10.239-236.958.amzn2.x86_64
kernel-tools-5.10.239-236.958.amzn2.x86_64
kernel-tools-devel-5.10.239-236.958.amzn2.x86_64
kernel-tools-debuginfo-5.10.239-236.958.amzn2.x86_64
bpftool-5.10.239-236.958.amzn2.x86_64
bpftool-debuginfo-5.10.239-236.958.amzn2.x86_64
kernel-devel-5.10.239-236.958.amzn2.x86_64
kernel-debuginfo-5.10.239-236.958.amzn2.x86_64
kernel-livepatch-5.10.239-236.958-1.0-0.amzn2.x86_64