ALAS2LIVEPATCH-2025-228

References: CVE-2024-47757  CVE-2024-49882  CVE-2024-50036  CVE-2024-50264  CVE-2024-50301  CVE-2024-56650  CVE-2025-21796 
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix potential oob read in nilfs_btree_check_delete() (CVE-2024-47757)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix double brelse() the buffer of the extents path (CVE-2024-49882)

In the Linux kernel, the following vulnerability has been resolved:

net: do not delay dst_entries_add() in dst_release() (CVE-2024-50036)

In the Linux kernel, the following vulnerability has been resolved:

vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (CVE-2024-50264)

In the Linux kernel, the following vulnerability has been resolved:

security/keys: fix slab-out-of-bounds in key_task_permission (CVE-2024-50301)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: x_tables: fix LED ID check in led_tg_check() (CVE-2024-56650)

In the Linux kernel, the following vulnerability has been resolved:

nfsd: clear acl_access/acl_default after releasing them (CVE-2025-21796)

Issue Correction:
Run yum update kernel-livepatch-4.14.355-275.603 to update your system.

New Packages:

src:
    kernel-livepatch-4.14.355-275.603-1.0-7.amzn2.src

x86_64:
    kernel-livepatch-4.14.355-275.603-1.0-7.amzn2.x86_64