Amazon Linux 2023 Security Advisory: ALAS2023-2025-1144
Advisory Released Date: 2025-08-08
Advisory Updated Date: 2025-08-26
FAQs regarding Amazon Linux ALAS/CVE Severity
In the Linux kernel, the following vulnerability has been resolved:
xsk: Fix race condition in AF_XDP generic RX path (CVE-2025-37920)
In the Linux kernel, the following vulnerability has been resolved:
virtio: break and reset virtio devices on device_shutdown() (CVE-2025-38064)
In the Linux kernel, the following vulnerability has been resolved:
rseq: Fix segfault on registration when rseq_cs is non-zero (CVE-2025-38067)
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix potential deadlock when reconnecting channels (CVE-2025-38244)
In the Linux kernel, the following vulnerability has been resolved:
bridge: mcast: Fix use-after-free during router port configuration (CVE-2025-38248)
In the Linux kernel, the following vulnerability has been resolved:
fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (CVE-2025-38396)
Affected Packages:
kernel
Issue Correction:
Run dnf update kernel --releasever 2023.8.20250808 or dnf update --advisory ALAS2023-2025-1144 --releasever 2023.8.20250808 to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation
System reboot is required in order to complete this update.
aarch64:
kernel-libbpf-6.1.147-172.266.amzn2023.aarch64
kernel-modules-extra-common-6.1.147-172.266.amzn2023.aarch64
python3-perf-6.1.147-172.266.amzn2023.aarch64
perf-debuginfo-6.1.147-172.266.amzn2023.aarch64
kernel-libbpf-debuginfo-6.1.147-172.266.amzn2023.aarch64
kernel-tools-devel-6.1.147-172.266.amzn2023.aarch64
python3-perf-debuginfo-6.1.147-172.266.amzn2023.aarch64
kernel-libbpf-static-6.1.147-172.266.amzn2023.aarch64
kernel-livepatch-6.1.147-172.266-1.0-0.amzn2023.aarch64
bpftool-debuginfo-6.1.147-172.266.amzn2023.aarch64
bpftool-6.1.147-172.266.amzn2023.aarch64
kernel-tools-debuginfo-6.1.147-172.266.amzn2023.aarch64
perf-6.1.147-172.266.amzn2023.aarch64
kernel-libbpf-devel-6.1.147-172.266.amzn2023.aarch64
kernel-modules-extra-6.1.147-172.266.amzn2023.aarch64
kernel-tools-6.1.147-172.266.amzn2023.aarch64
kernel-debuginfo-6.1.147-172.266.amzn2023.aarch64
kernel-6.1.147-172.266.amzn2023.aarch64
kernel-headers-6.1.147-172.266.amzn2023.aarch64
kernel-debuginfo-common-aarch64-6.1.147-172.266.amzn2023.aarch64
kernel-devel-6.1.147-172.266.amzn2023.aarch64
src:
kernel-6.1.147-172.266.amzn2023.src
x86_64:
python3-perf-debuginfo-6.1.147-172.266.amzn2023.x86_64
kernel-tools-6.1.147-172.266.amzn2023.x86_64
kernel-modules-extra-common-6.1.147-172.266.amzn2023.x86_64
perf-6.1.147-172.266.amzn2023.x86_64
kernel-libbpf-6.1.147-172.266.amzn2023.x86_64
kernel-libbpf-devel-6.1.147-172.266.amzn2023.x86_64
kernel-tools-devel-6.1.147-172.266.amzn2023.x86_64
bpftool-6.1.147-172.266.amzn2023.x86_64
kernel-livepatch-6.1.147-172.266-1.0-0.amzn2023.x86_64
perf-debuginfo-6.1.147-172.266.amzn2023.x86_64
bpftool-debuginfo-6.1.147-172.266.amzn2023.x86_64
kernel-headers-6.1.147-172.266.amzn2023.x86_64
kernel-libbpf-static-6.1.147-172.266.amzn2023.x86_64
kernel-tools-debuginfo-6.1.147-172.266.amzn2023.x86_64
python3-perf-6.1.147-172.266.amzn2023.x86_64
kernel-libbpf-debuginfo-6.1.147-172.266.amzn2023.x86_64
kernel-modules-extra-6.1.147-172.266.amzn2023.x86_64
kernel-debuginfo-6.1.147-172.266.amzn2023.x86_64
kernel-6.1.147-172.266.amzn2023.x86_64
kernel-debuginfo-common-x86_64-6.1.147-172.266.amzn2023.x86_64
kernel-devel-6.1.147-172.266.amzn2023.x86_64
2025-08-26: CVE-2025-38396 was added to this advisory.
2025-08-26: CVE-2025-38244 was added to this advisory.
2025-08-26: CVE-2025-38248 was added to this advisory.