ALAS2KERNEL-5.10-2023-031

Amazon Linux 2 Security Advisory: ALAS2KERNEL-5.10-2023-031
Advisory Released Date: 2023-05-01
Advisory Updated Date: 2025-10-18

Severity: Important

References: CVE-2022-49634 CVE-2023-2124 CVE-2023-53273 CVE-2023-53296 CVE-2023-53372 CVE-2023-53375 CVE-2023-53440 CVE-2023-53464 CVE-2023-53525 CVE-2023-53608 CVE-2023-53623
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

In the Linux kernel, the following vulnerability has been resolved:

sysctl: Fix data-races in proc_dou8vec_minmax(). (CVE-2022-49634)

An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2023-2124)

In the Linux kernel, the following vulnerability has been resolved:

Drivers: vmbus: Check for channel allocation before looking up relids (CVE-2023-53273)

In the Linux kernel, the following vulnerability has been resolved:

sctp: check send stream number after wait_for_sndbuf (CVE-2023-53296)

In the Linux kernel, the following vulnerability has been resolved:

sctp: fix a potential overflow in sctp_ifwdtsn_skip (CVE-2023-53372)

In the Linux kernel, the following vulnerability has been resolved:

tracing: Free error logs of tracing instances (CVE-2023-53375)

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix sysfs interface lifetime (CVE-2023-53440)

In the Linux kernel, the following vulnerability has been resolved:

scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() (CVE-2023-53464)

In the Linux kernel, the following vulnerability has been resolved:

RDMA/cma: Allow UD qp_type to join multicast only (CVE-2023-53525)

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() (CVE-2023-53608)

In the Linux kernel, the following vulnerability has been resolved:

mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() (CVE-2023-53623)

Affected Packages:

kernel

Note:

This advisory is applicable to Amazon Linux 2 - Kernel-5.10 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.

Issue Correction:
Run yum update kernel or yum update --advisory ALAS2KERNEL-5.10-2023-031 to update your system.

New Packages:

aarch64:
    kernel-5.10.178-162.673.amzn2.aarch64
    kernel-headers-5.10.178-162.673.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.10.178-162.673.amzn2.aarch64
    perf-5.10.178-162.673.amzn2.aarch64
    perf-debuginfo-5.10.178-162.673.amzn2.aarch64
    python-perf-5.10.178-162.673.amzn2.aarch64
    python-perf-debuginfo-5.10.178-162.673.amzn2.aarch64
    kernel-tools-5.10.178-162.673.amzn2.aarch64
    kernel-tools-devel-5.10.178-162.673.amzn2.aarch64
    kernel-tools-debuginfo-5.10.178-162.673.amzn2.aarch64
    bpftool-5.10.178-162.673.amzn2.aarch64
    bpftool-debuginfo-5.10.178-162.673.amzn2.aarch64
    kernel-devel-5.10.178-162.673.amzn2.aarch64
    kernel-debuginfo-5.10.178-162.673.amzn2.aarch64
    kernel-livepatch-5.10.178-162.673-1.0-0.amzn2.aarch64

i686:
    kernel-headers-5.10.178-162.673.amzn2.i686

src:
    kernel-5.10.178-162.673.amzn2.src

x86_64:
    kernel-5.10.178-162.673.amzn2.x86_64
    kernel-headers-5.10.178-162.673.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.10.178-162.673.amzn2.x86_64
    perf-5.10.178-162.673.amzn2.x86_64
    perf-debuginfo-5.10.178-162.673.amzn2.x86_64
    python-perf-5.10.178-162.673.amzn2.x86_64
    python-perf-debuginfo-5.10.178-162.673.amzn2.x86_64
    kernel-tools-5.10.178-162.673.amzn2.x86_64
    kernel-tools-devel-5.10.178-162.673.amzn2.x86_64
    kernel-tools-debuginfo-5.10.178-162.673.amzn2.x86_64
    bpftool-5.10.178-162.673.amzn2.x86_64
    bpftool-debuginfo-5.10.178-162.673.amzn2.x86_64
    kernel-devel-5.10.178-162.673.amzn2.x86_64
    kernel-debuginfo-5.10.178-162.673.amzn2.x86_64
    kernel-livepatch-5.10.178-162.673-1.0-0.amzn2.x86_64

Changelog:

2025-10-18: CVE-2023-53608 was added to this advisory.

2025-10-18: CVE-2023-53623 was added to this advisory.

2025-10-08: CVE-2023-53464 was added to this advisory.

2025-10-08: CVE-2023-53525 was added to this advisory.

2025-10-02: CVE-2023-53372 was added to this advisory.

2025-10-02: CVE-2023-53440 was added to this advisory.

2025-10-02: CVE-2023-53375 was added to this advisory.

2025-09-22: CVE-2023-53296 was added to this advisory.

2025-09-22: CVE-2023-53273 was added to this advisory.

2025-05-21: CVE-2022-49634 was added to this advisory.

Additional References

Release Notes: Amazon Linux 2 Release Notes

Red Hat: CVE-2022-49634, CVE-2023-2124, CVE-2023-53273, CVE-2023-53296, CVE-2023-53372, CVE-2023-53375, CVE-2023-53440, CVE-2023-53464, CVE-2023-53525, CVE-2023-53608, CVE-2023-53623

Mitre: CVE-2022-49634, CVE-2023-2124, CVE-2023-53273, CVE-2023-53296, CVE-2023-53372, CVE-2023-53375, CVE-2023-53440, CVE-2023-53464, CVE-2023-53525, CVE-2023-53608, CVE-2023-53623