Amazon Linux 2023 Security Advisory: ALAS2023-2025-1052
Advisory Released Date: 2025-07-10
Advisory Updated Date: 2025-07-10
FAQs regarding Amazon Linux ALAS/CVE Severity
In the Linux kernel, the following vulnerability has been resolved:
sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (CVE-2025-38000)
In the Linux kernel, the following vulnerability has been resolved:
can: bcm: add missing rcu read protection for procfs content (CVE-2025-38003)
In the Linux kernel, the following vulnerability has been resolved:
can: bcm: add locking for bcm_op runtime updates (CVE-2025-38004)
In the Linux kernel, the following vulnerability has been resolved:
vxlan: Annotate FDB data races (CVE-2025-38037)
In the Linux kernel, the following vulnerability has been resolved:
cpufreq: amd-pstate: Remove unnecessary driver_lock in set_boost (CVE-2025-38038)
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled (CVE-2025-38039)
In the Linux kernel, the following vulnerability has been resolved:
serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (CVE-2025-38040)
In the Linux kernel, the following vulnerability has been resolved:
virtio_ring: Fix data race by tagging event_triggered as racy for KCSAN (CVE-2025-38048)
In the Linux kernel, the following vulnerability has been resolved:
smb: client: Fix use-after-free in cifs_fill_dirent (CVE-2025-38051)
In the Linux kernel, the following vulnerability has been resolved:
perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq (CVE-2025-38055)
In the Linux kernel, the following vulnerability has been resolved:
__legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (CVE-2025-38058)
In the Linux kernel, the following vulnerability has been resolved:
bpf: copy_verifier_state() should copy 'loop_entry' field (CVE-2025-38060)
In the Linux kernel, the following vulnerability has been resolved:
genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie (CVE-2025-38062)
In the Linux kernel, the following vulnerability has been resolved:
dm: fix unconditional IO throttle caused by REQ_PREFLUSH (CVE-2025-38063)
In the Linux kernel, the following vulnerability has been resolved:
dm cache: prevent BUG_ON by blocking retries on failed device resumes (CVE-2025-38066)
In the Linux kernel, the following vulnerability has been resolved:
x86/mm: Check return value from memblock_phys_alloc_range() (CVE-2025-38071)
In the Linux kernel, the following vulnerability has been resolved:
libnvdimm/labels: Fix divide error in nd_label_data_init() (CVE-2025-38072)
In the Linux kernel, the following vulnerability has been resolved:
block: fix race between set_blocksize and read paths (CVE-2025-38073)
In the Linux kernel, the following vulnerability has been resolved:
scsi: target: iscsi: Fix timeout on deleted connection (CVE-2025-38075)
In the Linux kernel, the following vulnerability has been resolved:
crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079)
Affected Packages:
kernel6.12
Issue Correction:
Run dnf update kernel6.12 --releasever 2023.7.20250623 to update your system.
aarch64:
python3-perf6.12-6.12.31-35.92.amzn2023.aarch64
perf6.12-debuginfo-6.12.31-35.92.amzn2023.aarch64
kernel-tools-devel-6.12.31-35.92.amzn2023.aarch64
kernel-libbpf-static-6.12.31-35.92.amzn2023.aarch64
kernel-tools-6.12.31-35.92.amzn2023.aarch64
bpftool-debuginfo-6.12.31-35.92.amzn2023.aarch64
kernel6.12-modules-extra-6.12.31-35.92.amzn2023.aarch64
perf6.12-6.12.31-35.92.amzn2023.aarch64
kernel-libbpf-debuginfo-6.12.31-35.92.amzn2023.aarch64
python3-perf6.12-debuginfo-6.12.31-35.92.amzn2023.aarch64
bpftool-6.12.31-35.92.amzn2023.aarch64
kernel-modules-extra-common-6.12.31-35.92.amzn2023.aarch64
kernel-libbpf-6.12.31-35.92.amzn2023.aarch64
kernel-tools-debuginfo-6.12.31-35.92.amzn2023.aarch64
kernel-libbpf-devel-6.12.31-35.92.amzn2023.aarch64
kernel6.12-debuginfo-6.12.31-35.92.amzn2023.aarch64
kernel-livepatch-6.12.31-35.92-1.0-0.amzn2023.aarch64
kernel-headers-6.12.31-35.92.amzn2023.aarch64
kernel6.12-6.12.31-35.92.amzn2023.aarch64
kernel6.12-debuginfo-common-aarch64-6.12.31-35.92.amzn2023.aarch64
kernel-devel-6.12.31-35.92.amzn2023.aarch64
src:
kernel6.12-6.12.31-35.92.amzn2023.src
x86_64:
kernel-livepatch-6.12.31-35.92-1.0-0.amzn2023.x86_64
kernel-libbpf-debuginfo-6.12.31-35.92.amzn2023.x86_64
kernel6.12-modules-extra-6.12.31-35.92.amzn2023.x86_64
kernel-tools-6.12.31-35.92.amzn2023.x86_64
kernel-tools-debuginfo-6.12.31-35.92.amzn2023.x86_64
bpftool-6.12.31-35.92.amzn2023.x86_64
kernel-libbpf-6.12.31-35.92.amzn2023.x86_64
bpftool-debuginfo-6.12.31-35.92.amzn2023.x86_64
kernel-libbpf-devel-6.12.31-35.92.amzn2023.x86_64
perf6.12-debuginfo-6.12.31-35.92.amzn2023.x86_64
kernel-libbpf-static-6.12.31-35.92.amzn2023.x86_64
kernel-tools-devel-6.12.31-35.92.amzn2023.x86_64
kernel-modules-extra-common-6.12.31-35.92.amzn2023.x86_64
python3-perf6.12-6.12.31-35.92.amzn2023.x86_64
python3-perf6.12-debuginfo-6.12.31-35.92.amzn2023.x86_64
perf6.12-6.12.31-35.92.amzn2023.x86_64
kernel-headers-6.12.31-35.92.amzn2023.x86_64
kernel6.12-debuginfo-6.12.31-35.92.amzn2023.x86_64
kernel6.12-6.12.31-35.92.amzn2023.x86_64
kernel6.12-debuginfo-common-x86_64-6.12.31-35.92.amzn2023.x86_64
kernel-devel-6.12.31-35.92.amzn2023.x86_64