Amazon Linux 1 (EOL) Security Advisory: ALAS-2025-1973
Advisory Released Date: 2025-04-29
Advisory Updated Date: 2025-05-21
A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel. This flaw allows an attacker to crash the system and possibly cause a kernel information leak (CVE-2023-1611)
nftables out-of-bounds read in nf_osf_match_one() (CVE-2023-39189)
In the Linux kernel, the following vulnerability has been resolved:
scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (CVE-2023-52975)
In the Linux kernel, the following vulnerability has been resolved:
mm: call the security_mmap_file() LSM hook in remap_file_pages() (CVE-2024-47745)
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix double brelse() the buffer of the extents path (CVE-2024-49882)
In the Linux kernel, the following vulnerability has been resolved:
net: do not delay dst_entries_add() in dst_release() (CVE-2024-50036)
In the Linux kernel, the following vulnerability has been resolved:
dm cache: fix potential out-of-bounds access on the first resume (CVE-2024-50278)
In the Linux kernel, the following vulnerability has been resolved:
security/keys: fix slab-out-of-bounds in key_task_permission (CVE-2024-50301)
In the Linux kernel, the following vulnerability has been resolved:
ipv6: mcast: extend RCU protection in igmp6_send() (CVE-2025-21759)
In the Linux kernel, the following vulnerability has been resolved:
vrf: use RCU protection in l3mdev_l3_out() (CVE-2025-21791)
In the Linux kernel, the following vulnerability has been resolved:
nfsd: clear acl_access/acl_default after releasing them (CVE-2025-21796)
In the Linux kernel, the following vulnerability has been resolved:
geneve: Fix use-after-free in geneve_find_dev(). (CVE-2025-21858)
In the Linux kernel, the following vulnerability has been resolved:
x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (CVE-2025-21991)
Affected Packages:
kernel
Issue Correction:
Run yum update kernel to update your system.
System reboot is required in order to complete this update.
i686:
perf-debuginfo-4.14.355-196.639.amzn1.i686
kernel-4.14.355-196.639.amzn1.i686
kernel-tools-4.14.355-196.639.amzn1.i686
kernel-tools-devel-4.14.355-196.639.amzn1.i686
kernel-debuginfo-4.14.355-196.639.amzn1.i686
kernel-headers-4.14.355-196.639.amzn1.i686
perf-4.14.355-196.639.amzn1.i686
kernel-debuginfo-common-i686-4.14.355-196.639.amzn1.i686
kernel-devel-4.14.355-196.639.amzn1.i686
kernel-tools-debuginfo-4.14.355-196.639.amzn1.i686
src:
kernel-4.14.355-196.639.amzn1.src
x86_64:
perf-debuginfo-4.14.355-196.639.amzn1.x86_64
kernel-debuginfo-4.14.355-196.639.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.14.355-196.639.amzn1.x86_64
kernel-tools-4.14.355-196.639.amzn1.x86_64
kernel-4.14.355-196.639.amzn1.x86_64
perf-4.14.355-196.639.amzn1.x86_64
kernel-devel-4.14.355-196.639.amzn1.x86_64
kernel-headers-4.14.355-196.639.amzn1.x86_64
kernel-tools-debuginfo-4.14.355-196.639.amzn1.x86_64
kernel-tools-devel-4.14.355-196.639.amzn1.x86_64
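The update is only complete once the host is running the fixed build, so a check should separate "package installed" from "kernel booted". The script below is an added example, not part of the advisory: the function names and the `--live` switch are hypothetical, the sample versions in its usage are constructed, and GNU `sort -V` is assumed as a stand-in for RPM's version comparison.

```shell
#!/bin/sh
# Fixed kernel version-release, taken from the package list in this advisory.
FIXED="4.14.355-196.639.amzn1"

# ver_ge A B: succeeds when version-release A sorts at or after B.
# Assumption: GNU `sort -V` ordering agrees with RPM's comparison for the
# numeric amzn1 kernel strings handled here.
ver_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
}

# `uname -r` carries an architecture suffix; the advisory lists i686 and x86_64.
strip_arch() {
    printf '%s\n' "$1" | sed -e 's/\.x86_64$//' -e 's/\.i686$//'
}

# kernel_status RUNNING [INSTALLED...]
#   RUNNING:   output of `uname -r`
#   INSTALLED: version-release of every installed kernel package
# Prints one of: patched | reboot-required | update-required
kernel_status() {
    running=$(strip_arch "$1")
    shift
    if ver_ge "$running" "$FIXED"; then
        echo "patched"
        return 0
    fi
    # Running kernel is older: a fixed package on disk means only the reboot is missing.
    for k in "$@"; do
        if ver_ge "$(strip_arch "$k")" "$FIXED"; then
            echo "reboot-required"
            return 0
        fi
    done
    echo "update-required"
}

# Live use on a host (needs rpm): pass --live as the first argument.
if [ "${1:-}" = "--live" ]; then
    # Word splitting of the rpm output is intended: one argument per installed kernel.
    kernel_status "$(uname -r)" $(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel)
fi
```

A result of `reboot-required` means `yum update kernel` has run but the host is still executing the older kernel.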
2025-05-21: CVE-2024-50301 was added to this advisory.
2025-05-21: CVE-2024-50036 was added to this advisory.
2025-05-21: CVE-2024-50278 was added to this advisory.
2025-05-21: CVE-2024-49882 was added to this advisory.
2025-05-21: CVE-2025-21791 was added to this advisory.
2025-05-21: CVE-2023-52975 was added to this advisory.
2025-05-21: CVE-2025-21991 was added to this advisory.
2025-05-21: CVE-2025-21759 was added to this advisory.
2025-05-21: CVE-2025-21796 was added to this advisory.
2025-05-21: CVE-2023-1611 was added to this advisory.
2025-05-21: CVE-2024-47745 was added to this advisory.
2025-05-21: CVE-2023-39189 was added to this advisory.