Amazon Linux 2 Security Advisory: ALAS2LIVEPATCH-2025-232
Advisory Released Date: 2025-05-29
Advisory Updated Date: 2025-05-29
Severity:
Important
Issue Overview:
In the Linux kernel, the following vulnerability has been resolved:
geneve: Fix use-after-free in geneve_find_dev(). (CVE-2025-21858)
In the Linux kernel, the following vulnerability has been resolved:
vlan: enforce underlying device type (CVE-2025-21920)
Affected Packages:
kernel-livepatch-4.14.355-276.618
Issue Correction:
Run yum update kernel-livepatch-4.14.355-276.618 to update your system.
New Packages:
src:
kernel-livepatch-4.14.355-276.618-1.0-7.amzn2.src
x86_64:
kernel-livepatch-4.14.355-276.618-1.0-7.amzn2.x86_64