Amazon Linux 2 Security Advisory: ALAS2KERNEL-5.4-2023-042
Advisory Released Date: 2023-02-22
Advisory Updated Date: 2025-10-18
FAQs regarding Amazon Linux ALAS/CVE Severity
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service. (CVE-2022-4129)
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c. (CVE-2022-47929)
In the Linux kernel, the following vulnerability has been resolved:
efi: fix NULL-deref in init error path (CVE-2022-48879)
In the Linux kernel, the following vulnerability has been resolved:
ixgbe: fix pci device refcount leak (CVE-2022-48896)
In the Linux kernel, the following vulnerability has been resolved:
drm/virtio: Fix GEM handle creation UAF (CVE-2022-48899)
In the Linux kernel, the following vulnerability has been resolved:
udf: Fix preallocation discarding at indirect extent boundary (CVE-2022-48946)
In the Linux kernel, the following vulnerability has been resolved:
igb: Initialize mailbox message for VF reset (CVE-2022-48949)
In the Linux kernel, the following vulnerability has been resolved:
perf/x86/amd: fix potential integer overflow on shift of a int (CVE-2022-49748)
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: Fix double increment of client_count in dma_chan_get() (CVE-2022-49753)
In the Linux kernel, the following vulnerability has been resolved:
drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init() (CVE-2022-50242)
In the Linux kernel, the following vulnerability has been resolved:
regulator: core: fix use_count leakage when handling boot-on (CVE-2022-50250)
In the Linux kernel, the following vulnerability has been resolved:
mmc: vub300: fix return value check of mmc_add_host() (CVE-2022-50251)
In the Linux kernel, the following vulnerability has been resolved:
igb: Do not free q_vector unless new one was allocated (CVE-2022-50252)
In the Linux kernel, the following vulnerability has been resolved:
bpf: make sure skb->len != 0 when redirecting to a tunneling device (CVE-2022-50253)
In the Linux kernel, the following vulnerability has been resolved:
bpf, sockmap: fix race in sock_map_free() (CVE-2022-50259)
In the Linux kernel, the following vulnerability has been resolved:
drm/radeon: Add the missed acpi_put_table() to fix memory leak (CVE-2022-50275)
In the Linux kernel, the following vulnerability has been resolved:
power: supply: fix null pointer dereferencing in power_supply_get_battery_info (CVE-2022-50276)
In the Linux kernel, the following vulnerability has been resolved:
PNP: fix name memory leak in pnp_alloc_dev() (CVE-2022-50278)
In the Linux kernel, the following vulnerability has been resolved:
pnode: terminate at peers of source (CVE-2022-50280)
In the Linux kernel, the following vulnerability has been resolved:
chardev: fix error handling in cdev_device_add() (CVE-2022-50282)
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline (CVE-2022-50286)
In the Linux kernel, the following vulnerability has been resolved:
qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable() failure (CVE-2022-50288)
In the Linux kernel, the following vulnerability has been resolved:
perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox() (CVE-2022-50318)
In the Linux kernel, the following vulnerability has been resolved:
fs: jfs: fix shift-out-of-bounds in dbDiscardAG (CVE-2022-50333)
In the Linux kernel, the following vulnerability has been resolved:
hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() (CVE-2022-50334)
In the Linux kernel, the following vulnerability has been resolved:
cifs: fix oops during encryption (CVE-2022-50341)
In the Linux kernel, the following vulnerability has been resolved:
rapidio: fix possible name leaks when rio_add_device() fails (CVE-2022-50343)
In the Linux kernel, the following vulnerability has been resolved:
ext4: init quota for 'old.inode' in 'ext4_rename' (CVE-2022-50346)
In the Linux kernel, the following vulnerability has been resolved:
misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() (CVE-2022-50349)
In the Linux kernel, the following vulnerability has been resolved:
skbuff: Account for tail adjustment during pull operations (CVE-2022-50365)
In the Linux kernel, the following vulnerability has been resolved:
md: fix a crash in mempool_free (CVE-2022-50381)
In the Linux kernel, the following vulnerability has been resolved:
tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (CVE-2022-50389)
In the Linux kernel, the following vulnerability has been resolved:
integrity: Fix memory leakage in keyring allocation error path (CVE-2022-50395)
In the Linux kernel, the following vulnerability has been resolved:
net: sched: fix memory leak in tcindex_set_parms (CVE-2022-50396)
In the Linux kernel, the following vulnerability has been resolved:
nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure (CVE-2022-50401)
In the Linux kernel, the following vulnerability has been resolved:
drivers/md/md-bitmap: check the return value of md_bitmap_get_counter() (CVE-2022-50402)
In the Linux kernel, the following vulnerability has been resolved:
net/tunnel: wait until all sk_user_data reader finish before releasing the sock (CVE-2022-50405)
In the Linux kernel, the following vulnerability has been resolved:
ACPICA: Fix error code path in acpi_ds_call_control_method() (CVE-2022-50411)
In the Linux kernel, the following vulnerability has been resolved:
scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails (CVE-2022-50414)
In the Linux kernel, the following vulnerability has been resolved:
ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (CVE-2022-50423)
In the Linux kernel, the following vulnerability has been resolved:
mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING (CVE-2022-50430)
In the Linux kernel, the following vulnerability has been resolved:
blk-mq: fix possible memleak when register 'hctx' failed (CVE-2022-50434)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix resolving backrefs for inline extent followed by prealloc (CVE-2022-50456)
In the Linux kernel, the following vulnerability has been resolved:
MIPS: vpe-mt: fix possible memory leak while module exiting (CVE-2022-50462)
In the Linux kernel, the following vulnerability has been resolved:
cpufreq: Init completion before kobject_init_and_add() (CVE-2022-50473)
In the Linux kernel, the following vulnerability has been resolved:
macintosh: fix possible memory leak in macio_add_one_device() (CVE-2022-50474)
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() (CVE-2022-50478)
In the Linux kernel, the following vulnerability has been resolved:
ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode (CVE-2022-50485)
In the Linux kernel, the following vulnerability has been resolved:
dm cache: Fix UAF in destroy() (CVE-2022-50496)
In the Linux kernel, the following vulnerability has been resolved:
binfmt_misc: fix shift-out-of-bounds in check_special_flags (CVE-2022-50497)
In the Linux kernel, the following vulnerability has been resolved:
mtd: lpddr2_nvm: Fix possible null-ptr-deref (CVE-2022-50503)
In the Linux kernel, the following vulnerability has been resolved:
lib/fonts: fix undefined behavior in bit shift for get_default_font (CVE-2022-50511)
In the Linux kernel, the following vulnerability has been resolved:
drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() (CVE-2022-50520)
In the Linux kernel, the following vulnerability has been resolved:
scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() (CVE-2022-50532)
In the Linux kernel, the following vulnerability has been resolved:
dm thin: Use last transaction's pmd->root when commit failed (CVE-2022-50534)
In the Linux kernel, the following vulnerability has been resolved:
bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data (CVE-2022-50536)
In the Linux kernel, the following vulnerability has been resolved:
dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata (CVE-2022-50549)
The Linux kernel does not correctly mitigate SMT attacks, as discovered through a strange pattern in the kernel API using STIBP as a mitigation, leaving the process exposed for a short period of time after a syscall. The kernel also does not issue an IBPB immediately during the syscall. (CVE-2023-0045)
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. (CVE-2023-0394)
Detected a few exploitable gadgets that could leak secret memory through a side-channel such as MDS as well as insufficient hardening of the usercopy functions against spectre-v1. (CVE-2023-0459)
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege.
There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock.
When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable.
The setsockopt TCP_ULP operation does not require any privilege.
We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c (CVE-2023-0461)
A memory corruption flaw was found in the Linux kernel's human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2023-1073)
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23454)
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23455)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix race between quota rescan and disable leading to NULL pointer deref (CVE-2023-52896)
In the Linux kernel, the following vulnerability has been resolved:
xhci: Fix null pointer dereference when host dies (CVE-2023-52898)
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix general protection fault in nilfs_btree_insert() (CVE-2023-52900)
In the Linux kernel, the following vulnerability has been resolved:
usb: xhci: Check endpoint is valid before dereferencing it (CVE-2023-52901)
In the Linux kernel, the following vulnerability has been resolved:
net/sched: act_mpls: Fix warning during failed attribute validation (CVE-2023-52906)
In the Linux kernel, the following vulnerability has been resolved:
bpf: Skip task with pid=1 in send_signal_common() (CVE-2023-52992)
In the Linux kernel, the following vulnerability has been resolved:
x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL (CVE-2023-52993)
In the Linux kernel, the following vulnerability has been resolved:
ipv4: prevent potential spectre v1 gadget in fib_metrics_match() (CVE-2023-52996)
In the Linux kernel, the following vulnerability has been resolved:
ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() (CVE-2023-52997)
In the Linux kernel, the following vulnerability has been resolved:
net: fix UaF in netns ops registration error path (CVE-2023-52999)
In the Linux kernel, the following vulnerability has been resolved:
netlink: prevent potential spectre v1 gadgets (CVE-2023-53000)
In the Linux kernel, the following vulnerability has been resolved:
cifs: Fix oops due to uncleared server->smbd_conn in reconnect (CVE-2023-53006)
In the Linux kernel, the following vulnerability has been resolved:
tracing: Make sure trace_printk() can output as soon as it can be used (CVE-2023-53007)
In the Linux kernel, the following vulnerability has been resolved:
HID: betop: check shape of output reports (CVE-2023-53015)
In the Linux kernel, the following vulnerability has been resolved:
net: mdio: validate parameter addr in mdiobus_get_phy() (CVE-2023-53019)
In the Linux kernel, the following vulnerability has been resolved:
net/sched: sch_taprio: fix possible use-after-free (CVE-2023-53021)
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (CVE-2023-53024)
In the Linux kernel, the following vulnerability has been resolved:
RDMA/core: Fix ib block iterator counter overflow (CVE-2023-53026)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function. (CVE-2023-53032)
Affected Packages:
kernel
Note:
This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update kernel or yum update --advisory ALAS2KERNEL-5.4-2023-042 to update your system.
aarch64:
kernel-5.4.231-137.341.amzn2.aarch64
kernel-headers-5.4.231-137.341.amzn2.aarch64
kernel-debuginfo-common-aarch64-5.4.231-137.341.amzn2.aarch64
perf-5.4.231-137.341.amzn2.aarch64
perf-debuginfo-5.4.231-137.341.amzn2.aarch64
python-perf-5.4.231-137.341.amzn2.aarch64
python-perf-debuginfo-5.4.231-137.341.amzn2.aarch64
kernel-tools-5.4.231-137.341.amzn2.aarch64
kernel-tools-devel-5.4.231-137.341.amzn2.aarch64
kernel-tools-debuginfo-5.4.231-137.341.amzn2.aarch64
bpftool-5.4.231-137.341.amzn2.aarch64
bpftool-debuginfo-5.4.231-137.341.amzn2.aarch64
kernel-devel-5.4.231-137.341.amzn2.aarch64
kernel-debuginfo-5.4.231-137.341.amzn2.aarch64
i686:
kernel-headers-5.4.231-137.341.amzn2.i686
src:
kernel-5.4.231-137.341.amzn2.src
x86_64:
kernel-5.4.231-137.341.amzn2.x86_64
kernel-headers-5.4.231-137.341.amzn2.x86_64
kernel-debuginfo-common-x86_64-5.4.231-137.341.amzn2.x86_64
perf-5.4.231-137.341.amzn2.x86_64
perf-debuginfo-5.4.231-137.341.amzn2.x86_64
python-perf-5.4.231-137.341.amzn2.x86_64
python-perf-debuginfo-5.4.231-137.341.amzn2.x86_64
kernel-tools-5.4.231-137.341.amzn2.x86_64
kernel-tools-devel-5.4.231-137.341.amzn2.x86_64
kernel-tools-debuginfo-5.4.231-137.341.amzn2.x86_64
bpftool-5.4.231-137.341.amzn2.x86_64
bpftool-debuginfo-5.4.231-137.341.amzn2.x86_64
kernel-devel-5.4.231-137.341.amzn2.x86_64
kernel-debuginfo-5.4.231-137.341.amzn2.x86_64
2025-10-18: CVE-2022-50473 was added to this advisory.
2025-10-18: CVE-2022-50462 was added to this advisory.
2025-10-18: CVE-2022-50497 was added to this advisory.
2025-10-18: CVE-2022-50434 was added to this advisory.
2025-10-18: CVE-2022-50534 was added to this advisory.
2025-10-18: CVE-2022-50503 was added to this advisory.
2025-10-18: CVE-2022-50474 was added to this advisory.
2025-10-18: CVE-2022-50511 was added to this advisory.
2025-10-18: CVE-2022-50485 was added to this advisory.
2025-10-18: CVE-2022-50456 was added to this advisory.
2025-10-18: CVE-2022-50478 was added to this advisory.
2025-10-18: CVE-2022-50496 was added to this advisory.
2025-10-18: CVE-2022-50536 was added to this advisory.
2025-10-18: CVE-2022-50549 was added to this advisory.
2025-10-18: CVE-2022-50520 was added to this advisory.
2025-10-18: CVE-2022-50532 was added to this advisory.
2025-10-18: CVE-2022-50423 was added to this advisory.
2025-10-08: CVE-2022-50430 was added to this advisory.
2025-10-02: CVE-2022-48896 was added to this advisory.
2025-10-02: CVE-2022-50365 was added to this advisory.
2025-10-02: CVE-2023-52900 was added to this advisory.
2025-10-02: CVE-2022-50414 was added to this advisory.
2025-10-02: CVE-2022-48899 was added to this advisory.
2025-10-02: CVE-2022-50259 was added to this advisory.
2025-10-02: CVE-2022-50343 was added to this advisory.
2025-10-02: CVE-2022-50396 was added to this advisory.
2025-10-02: CVE-2023-52898 was added to this advisory.
2025-10-02: CVE-2022-50286 was added to this advisory.
2025-10-02: CVE-2022-50381 was added to this advisory.
2025-10-02: CVE-2022-50250 was added to this advisory.
2025-10-02: CVE-2022-50242 was added to this advisory.
2025-10-02: CVE-2023-52901 was added to this advisory.
2025-10-02: CVE-2022-50411 was added to this advisory.
2025-10-02: CVE-2022-50389 was added to this advisory.
2025-10-02: CVE-2022-48879 was added to this advisory.
2025-10-02: CVE-2022-50402 was added to this advisory.
2025-10-02: CVE-2022-50405 was added to this advisory.
2025-10-02: CVE-2022-50278 was added to this advisory.
2025-10-02: CVE-2022-50275 was added to this advisory.
2025-10-02: CVE-2022-50349 was added to this advisory.
2025-10-02: CVE-2022-50253 was added to this advisory.
2025-10-02: CVE-2022-50318 was added to this advisory.
2025-10-02: CVE-2022-50401 was added to this advisory.
2025-10-02: CVE-2022-50395 was added to this advisory.
2025-10-02: CVE-2022-50251 was added to this advisory.
2025-10-02: CVE-2023-52896 was added to this advisory.
2025-09-22: CVE-2022-50276 was added to this advisory.
2025-09-22: CVE-2022-50346 was added to this advisory.
2025-09-22: CVE-2022-50252 was added to this advisory.
2025-09-22: CVE-2022-50280 was added to this advisory.
2025-09-22: CVE-2022-50288 was added to this advisory.
2025-09-22: CVE-2022-50341 was added to this advisory.
2025-09-22: CVE-2022-50282 was added to this advisory.
2025-09-22: CVE-2022-50333 was added to this advisory.
2025-09-22: CVE-2022-50334 was added to this advisory.
2025-05-21: CVE-2023-53015 was added to this advisory.
2025-05-21: CVE-2023-52992 was added to this advisory.
2025-05-21: CVE-2023-52996 was added to this advisory.
2025-05-21: CVE-2022-49748 was added to this advisory.
2025-05-21: CVE-2023-53007 was added to this advisory.
2025-05-21: CVE-2023-53024 was added to this advisory.
2025-05-21: CVE-2023-53032 was added to this advisory.
2025-05-21: CVE-2023-52993 was added to this advisory.
2025-05-21: CVE-2023-53026 was added to this advisory.
2025-05-21: CVE-2023-53006 was added to this advisory.
2025-05-21: CVE-2023-53019 was added to this advisory.
2025-05-21: CVE-2023-53000 was added to this advisory.
2025-05-21: CVE-2023-52997 was added to this advisory.
2025-04-23: CVE-2022-49753 was added to this advisory.
2025-04-23: CVE-2023-53021 was added to this advisory.
2025-04-23: CVE-2023-52999 was added to this advisory.
2025-03-13: CVE-2022-48949 was added to this advisory.
2025-03-13: CVE-2022-48946 was added to this advisory.
2025-03-13: CVE-2023-52906 was added to this advisory.
2024-02-01: CVE-2023-1073 was added to this advisory.
2024-02-01: CVE-2023-0461 was added to this advisory.