Amazon Linux 2 Security Advisory: ALAS2LIVEPATCH-2025-233
Advisory Released Date: 2025-05-29
Advisory Updated Date: 2025-05-29
Severity:
Important
Issue Overview:
In the Linux kernel, the following vulnerability has been resolved:
geneve: Fix use-after-free in geneve_find_dev(). (CVE-2025-21858)
In the Linux kernel, the following vulnerability has been resolved:
vlan: enforce underlying device type (CVE-2025-21920)
Affected Packages:
kernel-livepatch-4.14.355-275.603
Issue Correction:
Run yum update kernel-livepatch-4.14.355-275.603 to update your system.
New Packages:
src:
kernel-livepatch-4.14.355-275.603-1.0-8.amzn2.src
x86_64:
kernel-livepatch-4.14.355-275.603-1.0-8.amzn2.x86_64