ALAS2023-2025-1137

Amazon Linux 2023 Security Advisory: ALAS2023-2025-1137
Advisory Released Date: 2025-08-18
Advisory Updated Date: 2025-08-18
Severity: Medium
Issue Overview:

There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above. (CVE-2025-6965)


Affected Packages:

nodejs22


Issue Correction:
Run dnf update nodejs22 --releasever 2023.8.20250818 or dnf update --advisory ALAS2023-2025-1137 --releasever 2023.8.20250818 to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation

New Packages:
aarch64:
    nodejs22-libs-debuginfo-22.18.0-1.amzn2023.0.1.aarch64
    nodejs22-debuginfo-22.18.0-1.amzn2023.0.1.aarch64
    nodejs22-full-i18n-22.18.0-1.amzn2023.0.1.aarch64
    v8-12.4-devel-12.4.254.21-1.22.18.0.1.amzn2023.0.1.aarch64
    nodejs22-devel-22.18.0-1.amzn2023.0.1.aarch64
    nodejs22-22.18.0-1.amzn2023.0.1.aarch64
    nodejs22-libs-22.18.0-1.amzn2023.0.1.aarch64
    nodejs22-npm-10.9.3-1.22.18.0.1.amzn2023.0.1.aarch64
    nodejs22-debugsource-22.18.0-1.amzn2023.0.1.aarch64

noarch:
    nodejs22-docs-22.18.0-1.amzn2023.0.1.noarch

src:
    nodejs22-22.18.0-1.amzn2023.0.1.src

x86_64:
    nodejs22-full-i18n-22.18.0-1.amzn2023.0.1.x86_64
    nodejs22-libs-debuginfo-22.18.0-1.amzn2023.0.1.x86_64
    nodejs22-debuginfo-22.18.0-1.amzn2023.0.1.x86_64
    v8-12.4-devel-12.4.254.21-1.22.18.0.1.amzn2023.0.1.x86_64
    nodejs22-22.18.0-1.amzn2023.0.1.x86_64
    nodejs22-devel-22.18.0-1.amzn2023.0.1.x86_64
    nodejs22-libs-22.18.0-1.amzn2023.0.1.x86_64
    nodejs22-npm-10.9.3-1.22.18.0.1.amzn2023.0.1.x86_64
    nodejs22-debugsource-22.18.0-1.amzn2023.0.1.x86_64

Additional References

Release Notes:  Amazon Linux 2023 Release Notes

Red Hat: CVE-2025-6965

Mitre: CVE-2025-6965