Amazon Linux 2023 Security Advisory: ALAS2023-2025-1297
Advisory Released Date: 2025-12-08
Advisory Updated Date: 2025-12-08
In the Linux kernel, the following vulnerabilities have been resolved:
crypto: essiv - Check ssize for decryption and in-place encryption (CVE-2025-40019)
mm/ksm: fix flag-dropping behavior in ksm_madvise (CVE-2025-40040)
tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (CVE-2025-40042)
cifs: parse_dfs_referrals: prevent oob on malformed input (CVE-2025-40099)
btrfs: do not assert we found block group item when creating free space tree (CVE-2025-40100)
smb: client: Fix refcount leak for cifs_sb_tlink (CVE-2025-40103)
ixgbevf: fix mailbox API compatibility by negotiating supported features (CVE-2025-40104)
vfs: Don't leak disconnected dentries on umount (CVE-2025-40105)
drm/vmwgfx: Fix Use-after-free in validation (CVE-2025-40111)
ext4: detect invalid INLINE_DATA + EXTENTS flag combination (CVE-2025-40167)
net/ip6_tunnel: Prevent perpetual tunnel growth (CVE-2025-40173)
tls: wait for pending async decryptions if tls_strp_msg_hold fails (CVE-2025-40176)
pid: Add a judgment for ns null in pid_nr_ns (CVE-2025-40178)
ext4: verify orphan file size is not too big (CVE-2025-40179)
bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} (CVE-2025-40183)
net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (CVE-2025-40187)
ext4: guard against EA inode refcount underflow in xattr update (CVE-2025-40190)
cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (CVE-2025-40194)
media: mc: Clear minor number before put device (CVE-2025-40197)
ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() (CVE-2025-40198)
Squashfs: reject negative file sizes in squashfs_read_inode() (CVE-2025-40200)
kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths (CVE-2025-40201)
sctp: Fix MAC comparison to be constant-time (CVE-2025-40204)
btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (CVE-2025-40205)
media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (CVE-2025-40207)
Affected Packages:
kernel
Issue Correction:
Run dnf update kernel --releasever 2023.9.20251208 or dnf update --advisory ALAS2023-2025-1297 --releasever 2023.9.20251208 to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation
aarch64:
kernel-libbpf-devel-6.1.158-178.288.amzn2023.aarch64
perf-debuginfo-6.1.158-178.288.amzn2023.aarch64
python3-perf-6.1.158-178.288.amzn2023.aarch64
kernel-tools-6.1.158-178.288.amzn2023.aarch64
bpftool-6.1.158-178.288.amzn2023.aarch64
kernel-libbpf-static-6.1.158-178.288.amzn2023.aarch64
kernel-tools-debuginfo-6.1.158-178.288.amzn2023.aarch64
kernel-modules-extra-6.1.158-178.288.amzn2023.aarch64
kernel-livepatch-6.1.158-178.288-1.0-0.amzn2023.aarch64
python3-perf-debuginfo-6.1.158-178.288.amzn2023.aarch64
bpftool-debuginfo-6.1.158-178.288.amzn2023.aarch64
kernel-libbpf-debuginfo-6.1.158-178.288.amzn2023.aarch64
kernel-headers-6.1.158-178.288.amzn2023.aarch64
kernel-modules-extra-common-6.1.158-178.288.amzn2023.aarch64
kernel-tools-devel-6.1.158-178.288.amzn2023.aarch64
kernel-6.1.158-178.288.amzn2023.aarch64
kernel-libbpf-6.1.158-178.288.amzn2023.aarch64
kernel-debuginfo-6.1.158-178.288.amzn2023.aarch64
perf-6.1.158-178.288.amzn2023.aarch64
kernel-debuginfo-common-aarch64-6.1.158-178.288.amzn2023.aarch64
kernel-devel-6.1.158-178.288.amzn2023.aarch64
src:
kernel-6.1.158-178.288.amzn2023.src
x86_64:
bpftool-6.1.158-178.288.amzn2023.x86_64
python3-perf-debuginfo-6.1.158-178.288.amzn2023.x86_64
kernel-libbpf-debuginfo-6.1.158-178.288.amzn2023.x86_64
perf-6.1.158-178.288.amzn2023.x86_64
kernel-libbpf-static-6.1.158-178.288.amzn2023.x86_64
kernel-modules-extra-common-6.1.158-178.288.amzn2023.x86_64
kernel-modules-extra-6.1.158-178.288.amzn2023.x86_64
kernel-tools-6.1.158-178.288.amzn2023.x86_64
kernel-libbpf-6.1.158-178.288.amzn2023.x86_64
kernel-libbpf-devel-6.1.158-178.288.amzn2023.x86_64
kernel-headers-6.1.158-178.288.amzn2023.x86_64
kernel-tools-debuginfo-6.1.158-178.288.amzn2023.x86_64
python3-perf-6.1.158-178.288.amzn2023.x86_64
bpftool-debuginfo-6.1.158-178.288.amzn2023.x86_64
kernel-livepatch-6.1.158-178.288-1.0-0.amzn2023.x86_64
kernel-tools-devel-6.1.158-178.288.amzn2023.x86_64
perf-debuginfo-6.1.158-178.288.amzn2023.x86_64
kernel-debuginfo-6.1.158-178.288.amzn2023.x86_64
kernel-6.1.158-178.288.amzn2023.x86_64
kernel-debuginfo-common-x86_64-6.1.158-178.288.amzn2023.x86_64
kernel-devel-6.1.158-178.288.amzn2023.x86_64
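
A post-update check, added here as an example and not part of the advisory: it compares kernel versions against the fixed build 6.1.158-178.288.amzn2023 from the package list above and separates a host that is patched from one that has the fixed kernel installed but is still running the old one. The function names and the `--check` flag are hypothetical, and it assumes GNU `sort -V` orders these numeric versions the same way RPM does.

```shell
#!/bin/sh
# Fixed kernel build, taken from the advisory's package list.
# Only meaningful for the "kernel" package this advisory covers.
FIXED="6.1.158-178.288.amzn2023"

# kernel_is_fixed VERSION: exit 0 if VERSION is at or above FIXED.
# Accepts "uname -r" output (with arch suffix) or an RPM version-release.
# Assumption: "sort -V" matches RPM ordering for these dotted numerics.
kernel_is_fixed() {
    candidate=${1%.x86_64}
    candidate=${candidate%.aarch64}
    lowest=$(printf '%s\n%s\n' "$candidate" "$FIXED" | sort -V | head -n 1)
    [ "$lowest" = "$FIXED" ]
}

# patch_state RUNNING [INSTALLED...]: classify a host.
#   patched         - the running kernel is the fixed build or newer
#   reboot-required - a fixed kernel is installed but not booted
#   vulnerable      - no fixed kernel is installed
patch_state() {
    running=$1
    shift
    if kernel_is_fixed "$running"; then
        echo patched
        return 0
    fi
    for installed in "$@"; do
        if kernel_is_fixed "$installed"; then
            echo reboot-required
            return 0
        fi
    done
    echo vulnerable
}

# On a live host: compare the booted kernel with every installed kernel RPM.
# Guarded behind a flag so the functions can be sourced without side effects.
if [ "${1:-}" = "--check" ]; then
    # Unquoted on purpose: one argument per installed kernel package.
    patch_state "$(uname -r)" $(rpm -q kernel --qf '%{VERSION}-%{RELEASE}\n')
fi
```

A result of `reboot-required` means the `dnf update` succeeded but the fixes are not active until the host boots the new kernel.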