ALAS2023-2023-138


Amazon Linux 2023 Security Advisory: ALAS2023-2023-138
Advisory Released Date: 2023-03-22
Advisory Updated Date: 2025-10-18
Severity: Important

Issue Overview:

A double-free vulnerability was found in the handling of the IORING_OP_SOCKET operation with io_uring in the Linux kernel. (CVE-2023-1032)

Due to a type confusion during initialization, the tun and tap sockets in the Linux kernel have their socket UID hardcoded to 0, i.e. root. While this is often correct, as TUN/TAP devices require CAP_NET_ADMIN, it may not always be the case. The socket UID may be used for network filtering and routing, so TUN/TAP sockets may be incorrectly managed, potentially bypassing network filters based on UID. (CVE-2023-1076)

kernel: Type confusion in pick_next_rt_entity(), which can result in memory corruption. (CVE-2023-1077)

A use-after-free flaw was found in the Linux kernel integrated infrared receiver/transceiver driver in the way a user detaches an rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. (CVE-2023-1118)

A use-after-free vulnerability in the Linux kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function does not properly deactivate filters in the case of perfect hashes while deleting the underlying structure, which can later lead to double freeing the structure. A local attacker can use this vulnerability to elevate privileges to root.
We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28. (CVE-2023-1829)

When plain IBRS is enabled (not enhanced IBRS), the logic in spectre_v2_user_select_mitigation() determines that STIBP is not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit is cleared on returning to userspace for performance reasons, which leaves userspace threads vulnerable to cross-thread branch target injection, against which STIBP protects. (CVE-2023-1998)

A use-after-free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service. (CVE-2023-2985)

An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write. (CVE-2023-45863)

In the Linux kernel, the following vulnerability has been resolved:

vfio/type1: prevent underflow of locked_vm via exec() (CVE-2023-53171)

In the Linux kernel, the following vulnerability has been resolved:

USB: uhci: fix memory leak with using debugfs_lookup() (CVE-2023-53197)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: x_tables: fix percpu counter block leak on error path when creating new netns (CVE-2023-53200)

In the Linux kernel, the following vulnerability has been resolved:

PM: domains: fix memory leak with using debugfs_lookup() (CVE-2023-53202)

In the Linux kernel, the following vulnerability has been resolved:

driver core: location: Free struct acpi_pld_info *pld before return false (CVE-2023-53211)

In the Linux kernel, the following vulnerability has been resolved:

arm64: efi: Make efi_rt_lock a raw_spinlock (CVE-2023-53216)

In the Linux kernel, the following vulnerability has been resolved:

watchdog: Fix kmemleak in watchdog_cdev_register (CVE-2023-53234)

In the Linux kernel, the following vulnerability has been resolved:

xsk: check IFF_UP earlier in Tx path (CVE-2023-53240)

In the Linux kernel, the following vulnerability has been resolved:

firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle (CVE-2023-53250)

In the Linux kernel, the following vulnerability has been resolved:

cacheinfo: Fix shared_cpu_map to handle shared caches at different levels (CVE-2023-53254)

In the Linux kernel, the following vulnerability has been resolved:

VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF (CVE-2023-53259)

In the Linux kernel, the following vulnerability has been resolved:

misc: vmw_balloon: fix memory leak with using debugfs_lookup() (CVE-2023-53279)

In the Linux kernel, the following vulnerability has been resolved:

udf: Do not update file length for failed writes to inline files (CVE-2023-53295)

In the Linux kernel, the following vulnerability has been resolved:

rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails (CVE-2023-53307)

In the Linux kernel, the following vulnerability has been resolved:

genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (CVE-2023-53332)

In the Linux kernel, the following vulnerability has been resolved:

USB: fix memory leak with using debugfs_lookup() (CVE-2023-53359)

In the Linux kernel, the following vulnerability has been resolved:

block: be a bit more careful in checking for NULL bdev while polling (CVE-2023-53366)

In the Linux kernel, the following vulnerability has been resolved:

crypto: seqiv - Handle EBUSY correctly (CVE-2023-53373)

In the Linux kernel, the following vulnerability has been resolved:

NFSD: fix leaked reference count of nfsd4_ssc_umount_item (CVE-2023-53381)

In the Linux kernel, the following vulnerability has been resolved:

drivers: base: dd: fix memory leak with using debugfs_lookup() (CVE-2023-53390)

In the Linux kernel, the following vulnerability has been resolved:

trace/blktrace: fix memory leak with using debugfs_lookup() (CVE-2023-53408)

In the Linux kernel, the following vulnerability has been resolved:

drivers: base: component: fix memory leak with using debugfs_lookup() (CVE-2023-53409)

In the Linux kernel, the following vulnerability has been resolved:

PM: EM: fix memory leak with using debugfs_lookup() (CVE-2023-53411)

In the Linux kernel, the following vulnerability has been resolved:

objtool: Fix memory leak in create_static_call_sections() (CVE-2023-53423)

In the Linux kernel, the following vulnerability has been resolved:

cifs: Fix warning and UAF when destroy the MR list (CVE-2023-53427)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: Add lwtunnel encap size of all siblings in nexthop calculation (CVE-2023-53477)

In the Linux kernel, the following vulnerability has been resolved:

iommu: Fix error unwind in iommu_group_alloc() (CVE-2023-53482)

In the Linux kernel, the following vulnerability has been resolved:

crypto: xts - Handle EBUSY correctly (CVE-2023-53494)

In the Linux kernel, the following vulnerability has been resolved:

udf: Do not bother merging very long extents (CVE-2023-53506)

In the Linux kernel, the following vulnerability has been resolved:

io_uring: fix fget leak when fs don't support nowait buffered read (CVE-2023-53511)

In the Linux kernel, the following vulnerability has been resolved:

sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop (CVE-2023-53590)

In the Linux kernel, the following vulnerability has been resolved:

driver core: fix resource leak in device_add() (CVE-2023-53594)

In the Linux kernel, the following vulnerability has been resolved:

nfsd: clean up potential nfsd_file refcount leaks in COPY codepath (CVE-2023-53606)

In the Linux kernel, the following vulnerability has been resolved:

irqchip: Fix refcount leak in platform_irqchip_probe (CVE-2023-53610)

In the Linux kernel, the following vulnerability has been resolved:

nvme-tcp: don't access released socket during error recovery (CVE-2023-53643)

In the Linux kernel, the following vulnerability has been resolved:

srcu: Delegate work to the boot cpu if using SRCU_SIZE_SMALL (CVE-2023-53671)

In the Linux kernel, the following vulnerability has been resolved:

drm/i915: Fix system suspend without fbdev being initialized (CVE-2023-53678)

kernel: refcount leak in ctnetlink_create_conntrack() (CVE-2023-7192)


Affected Packages:

kernel


Issue Correction:
Run dnf update kernel --releasever 2023.0.20230322 or dnf update --advisory ALAS2023-2023-138 --releasever 2023.0.20230322 to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation
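
After updating, a host is only protected once it is running a kernel at or above the fixed build. The following is an added example, not part of the original advisory: it compares a kernel release string against kernel-6.1.19-30.43.amzn2023 from the New Packages list. The function names are hypothetical, and `sort -V` is used as an approximation of RPM version ordering.

```shell
#!/usr/bin/env bash
# Added example (not from the advisory): compare a kernel release string
# against the fixed build published in ALAS2023-2023-138.

FIXED_VR="6.1.19-30.43"   # version-release of the fixed kernel package

# Strip the distribution tag and architecture suffix, e.g.
# "6.1.19-30.43.amzn2023.x86_64" -> "6.1.19-30.43"
normalize_kernel() {
    printf '%s\n' "$1" | sed -E 's/\.amzn[0-9]+(\.[A-Za-z0-9_]+)?$//'
}

# Return 0 if the release is at or above FIXED_VR, 1 if it is older,
# 2 if the string is not an Amazon Linux 2023 kernel release.
kernel_is_fixed() {
    case "$1" in
        *.amzn2023*) ;;
        *) return 2 ;;
    esac
    kif_have=$(normalize_kernel "$1")
    # sort -V approximates RPM ordering for these numeric version strings.
    kif_lowest=$(printf '%s\n%s\n' "$FIXED_VR" "$kif_have" | sort -V | head -n 1)
    [ "$kif_lowest" = "$FIXED_VR" ]
}

# Print a one-line verdict for a release string.
report() {
    rc=0
    kernel_is_fixed "$1" || rc=$?
    case "$rc" in
        0) echo "$1: at or above fixed build $FIXED_VR" ;;
        1) echo "$1: older than fixed build $FIXED_VR, update and reboot" ;;
        *) echo "$1: not an Amazon Linux 2023 kernel, advisory does not apply" ;;
    esac
}

# uname -r reports the running kernel, not the newest installed one, so a
# host that has been updated but not rebooted still shows the old release.
report "$(uname -r)"
```
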

New Packages:
aarch64:
    kernel-libbpf-6.1.19-30.43.amzn2023.aarch64
    bpftool-6.1.19-30.43.amzn2023.aarch64
    kernel-libbpf-static-6.1.19-30.43.amzn2023.aarch64
    python3-perf-debuginfo-6.1.19-30.43.amzn2023.aarch64
    kernel-tools-6.1.19-30.43.amzn2023.aarch64
    kernel-libbpf-devel-6.1.19-30.43.amzn2023.aarch64
    perf-debuginfo-6.1.19-30.43.amzn2023.aarch64
    python3-perf-6.1.19-30.43.amzn2023.aarch64
    kernel-headers-6.1.19-30.43.amzn2023.aarch64
    kernel-livepatch-6.1.19-30.43-1.0-0.amzn2023.aarch64
    bpftool-debuginfo-6.1.19-30.43.amzn2023.aarch64
    kernel-tools-devel-6.1.19-30.43.amzn2023.aarch64
    perf-6.1.19-30.43.amzn2023.aarch64
    kernel-tools-debuginfo-6.1.19-30.43.amzn2023.aarch64
    kernel-debuginfo-6.1.19-30.43.amzn2023.aarch64
    kernel-6.1.19-30.43.amzn2023.aarch64
    kernel-debuginfo-common-aarch64-6.1.19-30.43.amzn2023.aarch64
    kernel-devel-6.1.19-30.43.amzn2023.aarch64

src:
    kernel-6.1.19-30.43.amzn2023.src

x86_64:
    kernel-tools-devel-6.1.19-30.43.amzn2023.x86_64
    kernel-libbpf-6.1.19-30.43.amzn2023.x86_64
    kernel-libbpf-devel-6.1.19-30.43.amzn2023.x86_64
    bpftool-debuginfo-6.1.19-30.43.amzn2023.x86_64
    kernel-livepatch-6.1.19-30.43-1.0-0.amzn2023.x86_64
    python3-perf-debuginfo-6.1.19-30.43.amzn2023.x86_64
    kernel-headers-6.1.19-30.43.amzn2023.x86_64
    kernel-libbpf-static-6.1.19-30.43.amzn2023.x86_64
    bpftool-6.1.19-30.43.amzn2023.x86_64
    perf-6.1.19-30.43.amzn2023.x86_64
    python3-perf-6.1.19-30.43.amzn2023.x86_64
    kernel-tools-debuginfo-6.1.19-30.43.amzn2023.x86_64
    perf-debuginfo-6.1.19-30.43.amzn2023.x86_64
    kernel-debuginfo-6.1.19-30.43.amzn2023.x86_64
    kernel-tools-6.1.19-30.43.amzn2023.x86_64
    kernel-6.1.19-30.43.amzn2023.x86_64
    kernel-debuginfo-common-x86_64-6.1.19-30.43.amzn2023.x86_64
    kernel-devel-6.1.19-30.43.amzn2023.x86_64

Changelog:

2025-10-18: CVE-2023-53610 was added to this advisory.

2025-10-18: CVE-2023-53511 was added to this advisory.

2025-10-18: CVE-2023-53594 was added to this advisory.

2025-10-18: CVE-2023-53678 was added to this advisory.

2025-10-18: CVE-2023-53643 was added to this advisory.

2025-10-18: CVE-2023-53590 was added to this advisory.

2025-10-18: CVE-2023-53671 was added to this advisory.

2025-10-18: CVE-2023-53606 was added to this advisory.

2025-10-18: CVE-2023-53482 was added to this advisory.

2025-10-18: CVE-2023-53411 was added to this advisory.

2025-10-08: CVE-2023-53477 was added to this advisory.

2025-10-08: CVE-2023-53494 was added to this advisory.

2025-10-08: CVE-2023-53506 was added to this advisory.

2025-10-02: CVE-2023-53211 was added to this advisory.

2025-10-02: CVE-2023-53234 was added to this advisory.

2025-10-02: CVE-2023-53171 was added to this advisory.

2025-10-02: CVE-2023-53409 was added to this advisory.

2025-10-02: CVE-2023-53423 was added to this advisory.

2025-10-02: CVE-2023-53279 was added to this advisory.

2025-10-02: CVE-2023-53373 was added to this advisory.

2025-10-02: CVE-2023-53250 was added to this advisory.

2025-10-02: CVE-2023-53381 was added to this advisory.

2025-10-02: CVE-2023-53197 was added to this advisory.

2025-10-02: CVE-2023-53390 was added to this advisory.

2025-10-02: CVE-2023-53202 was added to this advisory.

2025-10-02: CVE-2023-53408 was added to this advisory.

2025-10-02: CVE-2023-53332 was added to this advisory.

2025-10-02: CVE-2023-53359 was added to this advisory.

2025-10-02: CVE-2023-53427 was added to this advisory.

2025-09-22: CVE-2023-53295 was added to this advisory.

2025-09-22: CVE-2023-53200 was added to this advisory.

2025-09-22: CVE-2023-53307 was added to this advisory.

2025-09-22: CVE-2023-53240 was added to this advisory.

2025-09-22: CVE-2023-53216 was added to this advisory.

2025-09-22: CVE-2023-53254 was added to this advisory.

2025-09-22: CVE-2023-53366 was added to this advisory.

2025-09-22: CVE-2023-53259 was added to this advisory.

2024-01-19: CVE-2023-7192 was added to this advisory.

2023-10-25: CVE-2023-45863 was added to this advisory.

2023-10-10: CVE-2023-1076 was added to this advisory.