Amazon Linux 2023 Security Advisory: ALAS2023-2025-935
Advisory Released Date: 2025-04-14
Advisory Updated Date: 2025-06-19
FAQs regarding Amazon Linux ALAS/CVE Severity
In the Linux kernel, the following vulnerability has been resolved:
nfsd: fix legacy client tracking initialization (CVE-2024-58092)
In the Linux kernel, the following vulnerability has been resolved:
keys: Fix UAF in key_put() (CVE-2025-21893)
In the Linux kernel, the following vulnerability has been resolved:
net: gso: fix ownership in __udp_gso_segment (CVE-2025-21926)
In the Linux kernel, the following vulnerability has been resolved:
xsk: fix an integer overflow in xp_create_and_assign_umem() (CVE-2025-21997)
In the Linux kernel, the following vulnerability has been resolved:
proc: fix UAF in proc_get_inode() (CVE-2025-21999)
In the Linux kernel, the following vulnerability has been resolved:
mm/huge_memory: drop beyond-EOF folios with the right number of refs (CVE-2025-22000)
In the Linux kernel, the following vulnerability has been resolved:
netfs: Call `invalidate_cache` only if implemented (CVE-2025-22002)
In the Linux kernel, the following vulnerability has been resolved:
ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw(). (CVE-2025-22005)
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (CVE-2025-22013)
In the Linux kernel, the following vulnerability has been resolved:
mm/migrate: fix shmem xarray update during migration (CVE-2025-22015)
In the Linux kernel, the following vulnerability has been resolved:
devlink: fix xa_alloc_cyclic() error handling (CVE-2025-22017)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: socket: Lookup orig tuple for IPv6 SNAT (CVE-2025-22021)
In the Linux kernel, the following vulnerability has been resolved:
usb: xhci: Apply the link chain quirk on NEC isoc endpoints (CVE-2025-22022)
In the Linux kernel, the following vulnerability has been resolved:
usb: xhci: Don't skip on Stopped - Length Invalid (CVE-2025-22023)
Affected Packages:
kernel6.12
Issue Correction:
Run dnf update kernel6.12 --releasever 2023.7.20250414 to update your system.
aarch64:
bpftool-6.12.22-27.96.amzn2023.aarch64
kernel-livepatch-6.12.22-27.96-1.0-0.amzn2023.aarch64
kernel-libbpf-devel-6.12.22-27.96.amzn2023.aarch64
kernel-libbpf-6.12.22-27.96.amzn2023.aarch64
perf6.12-debuginfo-6.12.22-27.96.amzn2023.aarch64
kernel-libbpf-static-6.12.22-27.96.amzn2023.aarch64
perf6.12-6.12.22-27.96.amzn2023.aarch64
kernel-tools-6.12.22-27.96.amzn2023.aarch64
kernel-tools-devel-6.12.22-27.96.amzn2023.aarch64
bpftool-debuginfo-6.12.22-27.96.amzn2023.aarch64
kernel-headers-6.12.22-27.96.amzn2023.aarch64
python3-perf6.12-6.12.22-27.96.amzn2023.aarch64
kernel-libbpf-debuginfo-6.12.22-27.96.amzn2023.aarch64
kernel6.12-modules-extra-6.12.22-27.96.amzn2023.aarch64
kernel-tools-debuginfo-6.12.22-27.96.amzn2023.aarch64
python3-perf6.12-debuginfo-6.12.22-27.96.amzn2023.aarch64
kernel-modules-extra-common-6.12.22-27.96.amzn2023.aarch64
kernel6.12-6.12.22-27.96.amzn2023.aarch64
kernel6.12-debuginfo-6.12.22-27.96.amzn2023.aarch64
kernel6.12-debuginfo-common-aarch64-6.12.22-27.96.amzn2023.aarch64
kernel-devel-6.12.22-27.96.amzn2023.aarch64
src:
kernel6.12-6.12.22-27.96.amzn2023.src
x86_64:
perf6.12-debuginfo-6.12.22-27.96.amzn2023.x86_64
bpftool-debuginfo-6.12.22-27.96.amzn2023.x86_64
kernel-libbpf-devel-6.12.22-27.96.amzn2023.x86_64
python3-perf6.12-6.12.22-27.96.amzn2023.x86_64
kernel-libbpf-debuginfo-6.12.22-27.96.amzn2023.x86_64
kernel-tools-debuginfo-6.12.22-27.96.amzn2023.x86_64
bpftool-6.12.22-27.96.amzn2023.x86_64
kernel-tools-6.12.22-27.96.amzn2023.x86_64
kernel-tools-devel-6.12.22-27.96.amzn2023.x86_64
kernel-modules-extra-common-6.12.22-27.96.amzn2023.x86_64
kernel-libbpf-6.12.22-27.96.amzn2023.x86_64
kernel-livepatch-6.12.22-27.96-1.0-0.amzn2023.x86_64
python3-perf6.12-debuginfo-6.12.22-27.96.amzn2023.x86_64
kernel-headers-6.12.22-27.96.amzn2023.x86_64
kernel6.12-debuginfo-6.12.22-27.96.amzn2023.x86_64
kernel-libbpf-static-6.12.22-27.96.amzn2023.x86_64
perf6.12-6.12.22-27.96.amzn2023.x86_64
kernel6.12-modules-extra-6.12.22-27.96.amzn2023.x86_64
kernel6.12-6.12.22-27.96.amzn2023.x86_64
kernel6.12-debuginfo-common-x86_64-6.12.22-27.96.amzn2023.x86_64
kernel-devel-6.12.22-27.96.amzn2023.x86_64
2025-06-19: CVE-2025-22013 was added to this advisory.
2025-06-19: CVE-2025-22017 was added to this advisory.
2025-06-19: CVE-2025-22022 was added to this advisory.
2025-06-19: CVE-2025-22000 was added to this advisory.
2025-06-19: CVE-2025-21997 was added to this advisory.
2025-06-19: CVE-2024-58092 was added to this advisory.
2025-06-19: CVE-2025-22002 was added to this advisory.
2025-06-19: CVE-2025-22015 was added to this advisory.
2025-06-19: CVE-2025-22023 was added to this advisory.
2025-06-19: CVE-2025-22005 was added to this advisory.
2025-06-19: CVE-2025-22021 was added to this advisory.
2025-06-05: CVE-2025-21999 was added to this advisory.