Amazon Linux 2 Security Advisory: ALAS2LIVEPATCH-2025-204
Advisory Released Date: 2025-03-06
Advisory Updated Date: 2025-03-06
Severity:
Important
Issue Overview:
In the Linux kernel, the following vulnerability has been resolved:
tipc: guard against string buffer overrun (CVE-2024-49995)
In the Linux kernel, the following vulnerability has been resolved:
dm cache: fix out-of-bounds access to the dirty bitset when resizing (CVE-2024-50279)
Affected Packages:
kernel-livepatch-4.14.355-275.570
Issue Correction:
Run yum update kernel-livepatch-4.14.355-275.570 to update your system.
New Packages:
src:
kernel-livepatch-4.14.355-275.570-1.0-1.amzn2.src
x86_64:
kernel-livepatch-4.14.355-275.570-1.0-1.amzn2.x86_64