Amazon Linux 2 Security Advisory: ALAS2KERNEL-5.4-2025-099
Advisory Released Date: 2025-04-16
Advisory Updated Date: 2025-05-21
FAQs regarding Amazon Linux ALAS/CVE Severity
A race condition in accessing a file object was found in the Linux kernel's OverlayFS subsystem, in how users perform a rename in a specific way on OverlayFS. A local user could use this flaw to crash the system. (CVE-2021-20321)
A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service. This vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. (CVE-2021-3744)
A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. (CVE-2021-3764)
An out-of-bounds (OOB) memory write flaw was found in prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the BPF subsystem of the Linux kernel. In this flaw, the multiplication used to calculate the size could overflow an integer, which could allow a local attacker with a special user privilege to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. (CVE-2021-41864)
In the Linux kernel, the following vulnerability has been resolved:
binder: make sure fd closes complete (CVE-2021-47360)
In the Linux kernel, the following vulnerability has been resolved:
irqchip/gic-v3-its: Fix potential VPE leak on error (CVE-2021-47373)
In the Linux kernel, the following vulnerability has been resolved:
blktrace: Fix uaf in blk_trace access after removing by sysfs (CVE-2021-47375)
In the Linux kernel, the following vulnerability has been resolved:
bpf: Add oversize check before call kvcalloc() (CVE-2021-47376)
In the Linux kernel, the following vulnerability has been resolved:
blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (CVE-2021-47379)
In the Linux kernel, the following vulnerability has been resolved:
tty: Fix out-of-bound vmalloc access in imageblit (CVE-2021-47383)
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47384)
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47386)
In the Linux kernel, the following vulnerability has been resolved:
cpufreq: schedutil: Use kobject release() method to free sugov_tunables (CVE-2021-47387)
In the Linux kernel, the following vulnerability has been resolved:
sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb (CVE-2021-47397)
In the Linux kernel, the following vulnerability has been resolved:
net: sched: flower: protect fl_walk() with rcu (CVE-2021-47402)
In the Linux kernel, the following vulnerability has been resolved:
HID: betop: fix slab-out-of-bounds Write in betop_probe (CVE-2021-47404)
In the Linux kernel, the following vulnerability has been resolved:
HID: usbhid: free raw_report buffers in usbhid_stop (CVE-2021-47405)
In the Linux kernel, the following vulnerability has been resolved:
phy: mdio: fix memory leak (CVE-2021-47416)
In the Linux kernel, the following vulnerability has been resolved:
net_sched: fix NULL deref in fifo_set_limit() (CVE-2021-47418)
In the Linux kernel, the following vulnerability has been resolved:
i40e: Fix freeing of uninitialized misc IRQ vector (CVE-2021-47424)
In the Linux kernel, the following vulnerability has been resolved:
i2c: acpi: fix resource leak in reconfiguration device addition (CVE-2021-47425)
In the Linux kernel, the following vulnerability has been resolved:
xhci: Fix command ring pointer corruption while aborting a command (CVE-2021-47434)
In the Linux kernel, the following vulnerability has been resolved:
can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (CVE-2021-47459)
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: fix data corruption after conversion from inline format (CVE-2021-47460)
In the Linux kernel, the following vulnerability has been resolved:
audit: fix possible null-pointer dereference in audit_filter_rules (CVE-2021-47464)
In the Linux kernel, the following vulnerability has been resolved:
mm, slub: fix potential memoryleak in kmem_cache_open() (CVE-2021-47466)
In the Linux kernel, the following vulnerability has been resolved:
nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells (CVE-2021-47497)
Affected Packages:
kernel
Note:
This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update kernel to update your system.
aarch64:
kernel-5.4.156-83.273.amzn2.aarch64
kernel-headers-5.4.156-83.273.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.4.156-83.273.amzn2.aarch64
perf-5.4.156-83.273.amzn2.aarch64
perf-debuginfo-5.4.156-83.273.amzn2.aarch64
python-perf-5.4.156-83.273.amzn2.aarch64
python-perf-debuginfo-5.4.156-83.273.amzn2.aarch64
kernel-tools-5.4.156-83.273.amzn2.aarch64
kernel-tools-devel-5.4.156-83.273.amzn2.aarch64
kernel-tools-debuginfo-5.4.156-83.273.amzn2.aarch64
bpftool-5.4.156-83.273.amzn2.aarch64
bpftool-debuginfo-5.4.156-83.273.amzn2.aarch64
kernel-devel-5.4.156-83.273.amzn2.aarch64
kernel-debuginfo-5.4.156-83.273.amzn2.aarch64
i686:
kernel-headers-5.4.156-83.273.amzn2.i686
src:
kernel-5.4.156-83.273.amzn2.src
x86_64:
kernel-5.4.156-83.273.amzn2.x86_64
kernel-headers-5.4.156-83.273.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.4.156-83.273.amzn2.x86_64
perf-5.4.156-83.273.amzn2.x86_64
perf-debuginfo-5.4.156-83.273.amzn2.x86_64
python-perf-5.4.156-83.273.amzn2.x86_64
python-perf-debuginfo-5.4.156-83.273.amzn2.x86_64
kernel-tools-5.4.156-83.273.amzn2.x86_64
kernel-tools-devel-5.4.156-83.273.amzn2.x86_64
kernel-tools-debuginfo-5.4.156-83.273.amzn2.x86_64
bpftool-5.4.156-83.273.amzn2.x86_64
bpftool-debuginfo-5.4.156-83.273.amzn2.x86_64
kernel-devel-5.4.156-83.273.amzn2.x86_64
kernel-debuginfo-5.4.156-83.273.amzn2.x86_64
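
Added example (not part of the advisory): a POSIX shell check that classifies a kernel release string against the fixed build 5.4.156-83.273.amzn2 listed above, for verifying hosts after running yum update kernel. The function names are hypothetical, and the field-by-field numeric comparison is an assumed simplification of RPM version ordering that is adequate for these numeric version-release strings.

```sh
#!/bin/sh
# Added example, not Amazon's code. Helper names are hypothetical.
FIXED="5.4.156-83.273.amzn2"   # fixed version-release from the advisory's package list

# Drop a trailing architecture so `uname -r` output and package names compare alike.
strip_arch() {
    _r=${1%.x86_64}; _r=${_r%.aarch64}; _r=${_r%.i686}
    printf '%s\n' "$_r"
}

# Succeed when version-release $1 >= $2, comparing each '.'/'-' field numerically
# (assumption: a simplification of RPM ordering; non-numeric fields count as 0).
ver_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, /[.-]/); nb = split(b, y, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# Print fixed | vulnerable | not-applicable for a kernel release string.
check_kernel() {
    _rel=$(strip_arch "$1")
    case "$_rel" in
        5.4.*.amzn2) ;;                          # advisory covers the AL2 Kernel-5.4 extra only
        *) echo "not-applicable"; return 0 ;;
    esac
    if ver_ge "$_rel" "$FIXED"; then echo "fixed"; else echo "vulnerable"; fi
}

# Report on the running kernel. A host that installed the update but has not
# rebooted still reports its old release here.
echo "running kernel $(uname -r): $(check_kernel "$(uname -r)")"
```

The check reads the running kernel rather than the installed packages, so it also catches hosts where the update was installed but the old kernel is still booted.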