ALAS2KERNEL-5.4-2025-109

Amazon Linux 2 Security Advisory: ALAS2KERNEL-5.4-2025-109
Advisory Released Date: 2025-09-16
Advisory Updated Date: 2025-09-16
Severity: Important
Issue Overview:

In the Linux kernel, the following vulnerability has been resolved:

cifs: Fix UAF in cifs_demultiplex_thread() (CVE-2023-52572)

In the Linux kernel, the following vulnerability has been resolved:

nfs: fix UAF in direct writes (CVE-2024-26958)

In the Linux kernel, the following vulnerability has been resolved:

net_sched: sch_sfq: don't allow 1 packet limit (CVE-2024-57996)

In the Linux kernel, the following vulnerability has been resolved:

codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (CVE-2025-37798)

In the Linux kernel, the following vulnerability has been resolved:

dma-buf: insert memory barrier before updating num_fences (CVE-2025-38095)

In the Linux kernel, the following vulnerability has been resolved:

sch_hfsc: make hfsc_qlen_notify() idempotent (CVE-2025-38177)

In the Linux kernel, the following vulnerability has been resolved:

net_sched: sch_sfq: reject invalid perturb period (CVE-2025-38193)

In the Linux kernel, the following vulnerability has been resolved:

virtio-net: ensure the received length does not exceed allocated size (CVE-2025-38375)

In the Linux kernel, the following vulnerability has been resolved:

usb: net: sierra: check for no status endpoint (CVE-2025-38474)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: sch_qfq: Fix race condition on qfq_aggregate (CVE-2025-38477)

In the Linux kernel, the following vulnerability has been resolved:

HID: core: do not bypass hid_hw_raw_request (CVE-2025-38494)

In the Linux kernel, the following vulnerability has been resolved:

HID: core: ensure the allocated report buffer can contain the reserved report ID (CVE-2025-38495)

In the Linux kernel, the following vulnerability has been resolved:

clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (CVE-2025-38499)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: Restrict conditions for adding duplicating netems to qdisc tree (CVE-2025-38553)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: reject malicious packets in ipv6_gso_segment() (CVE-2025-38572)

In the Linux kernel, the following vulnerability has been resolved:

net/packet: fix a race in packet_set_ring() and packet_notifier() (CVE-2025-38617)

In the Linux kernel, the following vulnerability has been resolved:

vsock: Do not allow binding to VMADDR_PORT_ANY (CVE-2025-38618)

In the Linux kernel, the following vulnerability has been resolved:

net: drop UFO packets in udp_rcv_segment() (CVE-2025-38622)

In the Linux kernel, the following vulnerability has been resolved:

hfsplus: remove mutex_lock check in hfsplus_free_extents (CVE-2025-38650)

In the Linux kernel, the following vulnerability has been resolved:

regulator: core: fix NULL dereference on unbind due to stale coupling data (CVE-2025-38668)

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (CVE-2025-38695)


Affected Packages:

kernel


Note:

This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.


Issue Correction:
Run yum update kernel or yum update --advisory ALAS2KERNEL-5.4-2025-109 to update your system.
System reboot is required in order to complete this update.

New Packages:
aarch64:
    kernel-5.4.298-218.429.amzn2.aarch64
    kernel-headers-5.4.298-218.429.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.4.298-218.429.amzn2.aarch64
    perf-5.4.298-218.429.amzn2.aarch64
    perf-debuginfo-5.4.298-218.429.amzn2.aarch64
    python-perf-5.4.298-218.429.amzn2.aarch64
    python-perf-debuginfo-5.4.298-218.429.amzn2.aarch64
    kernel-tools-5.4.298-218.429.amzn2.aarch64
    kernel-tools-devel-5.4.298-218.429.amzn2.aarch64
    kernel-tools-debuginfo-5.4.298-218.429.amzn2.aarch64
    bpftool-5.4.298-218.429.amzn2.aarch64
    bpftool-debuginfo-5.4.298-218.429.amzn2.aarch64
    kernel-devel-5.4.298-218.429.amzn2.aarch64
    kernel-debuginfo-5.4.298-218.429.amzn2.aarch64

i686:
    kernel-headers-5.4.298-218.429.amzn2.i686

src:
    kernel-5.4.298-218.429.amzn2.src

x86_64:
    kernel-5.4.298-218.429.amzn2.x86_64
    kernel-headers-5.4.298-218.429.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.4.298-218.429.amzn2.x86_64
    perf-5.4.298-218.429.amzn2.x86_64
    perf-debuginfo-5.4.298-218.429.amzn2.x86_64
    python-perf-5.4.298-218.429.amzn2.x86_64
    python-perf-debuginfo-5.4.298-218.429.amzn2.x86_64
    kernel-tools-5.4.298-218.429.amzn2.x86_64
    kernel-tools-devel-5.4.298-218.429.amzn2.x86_64
    kernel-tools-debuginfo-5.4.298-218.429.amzn2.x86_64
    bpftool-5.4.298-218.429.amzn2.x86_64
    bpftool-debuginfo-5.4.298-218.429.amzn2.x86_64
    kernel-devel-5.4.298-218.429.amzn2.x86_64
    kernel-debuginfo-5.4.298-218.429.amzn2.x86_64

Additional References

Release Notes:  Amazon Linux 2 Release Notes

Red Hat: CVE-2023-52572, CVE-2024-26958, CVE-2024-57996, CVE-2025-37798, CVE-2025-38095, CVE-2025-38177, CVE-2025-38193, CVE-2025-38375, CVE-2025-38474, CVE-2025-38477, CVE-2025-38494, CVE-2025-38495, CVE-2025-38499, CVE-2025-38553, CVE-2025-38572, CVE-2025-38617, CVE-2025-38618, CVE-2025-38622, CVE-2025-38650, CVE-2025-38668, CVE-2025-38695

Mitre: CVE-2023-52572, CVE-2024-26958, CVE-2024-57996, CVE-2025-37798, CVE-2025-38095, CVE-2025-38177, CVE-2025-38193, CVE-2025-38375, CVE-2025-38474, CVE-2025-38477, CVE-2025-38494, CVE-2025-38495, CVE-2025-38499, CVE-2025-38553, CVE-2025-38572, CVE-2025-38617, CVE-2025-38618, CVE-2025-38622, CVE-2025-38650, CVE-2025-38668, CVE-2025-38695