Amazon Linux 2023 Security Advisory: ALAS2023-2025-1013
Advisory Released Date: 2025-06-10
Advisory Updated Date: 2025-06-10
Severity:
Important
Issue Overview:
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. (CVE-2025-22869)
Affected Packages:
amazon-ssm-agent
Issue Correction:
Run dnf update amazon-ssm-agent --releasever 2023.7.20250609 to update your system.
New Packages:
aarch64:
amazon-ssm-agent-3.3.2299.0-1.amzn2023.aarch64
src:
amazon-ssm-agent-3.3.2299.0-1.amzn2023.src
x86_64:
amazon-ssm-agent-3.3.2299.0-1.amzn2023.x86_64