Amazon Linux 2023 Security Advisory: ALAS2023-2025-1208
Advisory Released Date: 2025-09-29
Advisory Updated Date: 2025-10-18
FAQs regarding Amazon Linux ALAS/CVE Severity
In the Linux kernel, the following vulnerability has been resolved:
net: fix NULL pointer dereference in l3mdev_l3_rcv (CVE-2025-22103)
In the Linux kernel, the following vulnerability has been resolved:
ext4: avoid journaling sb update on error if journal is destroying (CVE-2025-22113)
In the Linux kernel, the following vulnerability has been resolved:
md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (CVE-2025-22124)
In the Linux kernel, the following vulnerability has been resolved:
md/raid1,raid10: don't ignore IO flags (CVE-2025-22125)
In the Linux kernel, the following vulnerability has been resolved:
io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU (CVE-2025-38453)
In the Linux kernel, the following vulnerability has been resolved:
xfrm: interface: fix use-after-free after changing collect_md xfrm interface (CVE-2025-38500)
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix oob access in cgroup local storage (CVE-2025-38502)
In the Linux kernel, the following vulnerability has been resolved:
net/sched: Restrict conditions for adding duplicating netems to qdisc tree (CVE-2025-38553)
In the Linux kernel, the following vulnerability has been resolved:
HID: core: Harden s32ton() against conversion to 0 bits (CVE-2025-38556)
In the Linux kernel, the following vulnerability has been resolved:
perf/core: Prevent VMA split of buffer mappings (CVE-2025-38563)
In the Linux kernel, the following vulnerability has been resolved:
perf/core: Exit early on perf_mmap() fail (CVE-2025-38565)
In the Linux kernel, the following vulnerability has been resolved:
sunrpc: fix handling of server side tls alerts (CVE-2025-38566)
In the Linux kernel, the following vulnerability has been resolved:
net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (CVE-2025-38568)
In the Linux kernel, the following vulnerability has been resolved:
sunrpc: fix client side handling of tls alerts (CVE-2025-38571)
In the Linux kernel, the following vulnerability has been resolved:
ipv6: reject malicious packets in ipv6_gso_segment() (CVE-2025-38572)
In the Linux kernel, the following vulnerability has been resolved:
bpf, arm64: Fix fp initialization for exception boundary (CVE-2025-38586)
In the Linux kernel, the following vulnerability has been resolved:
ipv6: fix possible infinite loop in fib6_info_uses_dev() (CVE-2025-38587)
In the Linux kernel, the following vulnerability has been resolved:
ipv6: prevent infinite loop in rt6_nlmsg_size() (CVE-2025-38588)
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Remove skb secpath if xfrm state is not found (CVE-2025-38590)
In the Linux kernel, the following vulnerability has been resolved:
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (CVE-2025-38608)
In the Linux kernel, the following vulnerability has been resolved:
eventpoll: Fix semi-unbounded recursion (CVE-2025-38614)
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: cancle set bad inode after removing name fails (CVE-2025-38615)
In the Linux kernel, the following vulnerability has been resolved:
tls: handle data disappearing from under the TLS ULP (CVE-2025-38616)
In the Linux kernel, the following vulnerability has been resolved:
net/packet: fix a race in packet_set_ring() and packet_notifier() (CVE-2025-38617)
In the Linux kernel, the following vulnerability has been resolved:
vsock: Do not allow binding to VMADDR_PORT_ANY (CVE-2025-38618)
In the Linux kernel, the following vulnerability has been resolved:
net: drop UFO packets in udp_rcv_segment() (CVE-2025-38622)
In the Linux kernel, the following vulnerability has been resolved:
pinmux: fix race causing mux_owner NULL with active mux_usecount (CVE-2025-38632)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: xt_nfacct: don't assume acct name is null-terminated (CVE-2025-38639)
In the Linux kernel, the following vulnerability has been resolved:
bpf: Disable migration in nf_hook_run_bpf(). (CVE-2025-38640)
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Check device memory pointer before usage (CVE-2025-38645)
In the Linux kernel, the following vulnerability has been resolved:
proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CVE-2025-38653)
In the Linux kernel, the following vulnerability has been resolved:
[ceph] parse_longname(): strrchr() expects NUL-terminated string (CVE-2025-38660)
In the Linux kernel, the following vulnerability has been resolved:
can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (CVE-2025-38665)
In the Linux kernel, the following vulnerability has been resolved:
arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (CVE-2025-38670)
In the Linux kernel, the following vulnerability has been resolved:
xfrm: state: initialize state_ptrs earlier in xfrm_state_find (CVE-2025-38675)
In the Linux kernel, the following vulnerability has been resolved:
iommu/amd: Avoid stack buffer overflow from kernel cmdline (CVE-2025-38676)
In the Linux kernel, the following vulnerability has been resolved:
mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (CVE-2025-38681)
In the Linux kernel, the following vulnerability has been resolved:
hv_netvsc: Fix panic during namespace deletion with VF (CVE-2025-38683)
In the Linux kernel, the following vulnerability has been resolved:
fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (CVE-2025-38685)
In the Linux kernel, the following vulnerability has been resolved:
userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry (CVE-2025-38686)
In the Linux kernel, the following vulnerability has been resolved:
pNFS: Fix uninited ptr deref in block/scsi layout (CVE-2025-38691)
In the Linux kernel, the following vulnerability has been resolved:
exfat: add cluster chain loop check for dir (CVE-2025-38692)
In the Linux kernel, the following vulnerability has been resolved:
scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (CVE-2025-38700)
In the Linux kernel, the following vulnerability has been resolved:
ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (CVE-2025-38701)
In the Linux kernel, the following vulnerability has been resolved:
fbdev: fix potential buffer overflow in do_register_framebuffer() (CVE-2025-38702)
In the Linux kernel, the following vulnerability has been resolved:
rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer access (CVE-2025-38704)
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Add sanity check for file name (CVE-2025-38707)
In the Linux kernel, the following vulnerability has been resolved:
drbd: add missing kref_get in handle_write_conflicts (CVE-2025-38708)
In the Linux kernel, the following vulnerability has been resolved:
loop: Avoid updating block size under exclusive owner (CVE-2025-38709)
In the Linux kernel, the following vulnerability has been resolved:
net: kcm: Fix race condition in kcm_unattach() (CVE-2025-38717)
In the Linux kernel, the following vulnerability has been resolved:
sctp: linearize cloned gso packets in sctp_rcv (CVE-2025-38718)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ctnetlink: fix refcount leak on table dump (CVE-2025-38721)
In the Linux kernel, the following vulnerability has been resolved:
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (CVE-2025-38724)
In the Linux kernel, the following vulnerability has been resolved:
smb3: fix for slab out of bounds on mount to ksmbd (CVE-2025-38728)
In the Linux kernel, the following vulnerability has been resolved:
io_uring/net: commit partial buffers on retry (CVE-2025-38730)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_reject: don't leak dst refcount for loopback packets (CVE-2025-38732)
In the Linux kernel, the following vulnerability has been resolved:
cifs: Fix oops due to uninitialised variable (CVE-2025-38737)
In the Linux kernel, the following vulnerability has been resolved:
net/sched: Fix backlog accounting in qdisc_dequeue_internal (CVE-2025-39677)
In the Linux kernel, the following vulnerability has been resolved:
x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (CVE-2025-39681)
In the Linux kernel, the following vulnerability has been resolved:
tls: fix handling of zero-length records on the rx_list (CVE-2025-39682)
In the Linux kernel, the following vulnerability has been resolved:
tracing: Limit access to parser->buffer when trace_get_user failed (CVE-2025-39683)
In the Linux kernel, the following vulnerability has been resolved:
ftrace: Also allocate and copy hash for reading of filter files (CVE-2025-39689)
In the Linux kernel, the following vulnerability has been resolved:
fs/buffer: fix use-after-free when call bh_read() helper (CVE-2025-39691)
In the Linux kernel, the following vulnerability has been resolved:
NFS: Fix a race when updating an existing write (CVE-2025-39697)
In the Linux kernel, the following vulnerability has been resolved:
io_uring/futex: ensure io_futex_wait() cleans up properly on failure (CVE-2025-39698)
In the Linux kernel, the following vulnerability has been resolved:
mm/damon/ops-common: ignore migration request to invalid nodes (CVE-2025-39700)
In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: Fix MAC comparison to be constant-time (CVE-2025-39702)
In the Linux kernel, the following vulnerability has been resolved:
vsock/virtio: Validate length in packet header before skb_put() (CVE-2025-39718)
In the Linux kernel, the following vulnerability has been resolved:
netfs: Fix unbuffered write error handling (CVE-2025-39723)
In the Linux kernel, the following vulnerability has been resolved:
serial: 8250: fix panic due to PSLVERR (CVE-2025-39724)
In the Linux kernel, the following vulnerability has been resolved:
mm/vmscan: fix hwpoisoned large folio handling in shrink_folio_list (CVE-2025-39725)
In the Linux kernel, the following vulnerability has been resolved:
mm: swap: fix potential buffer overflow in setup_clusters() (CVE-2025-39727)
In the Linux kernel, the following vulnerability has been resolved:
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CVE-2025-39730)
In the Linux kernel, the following vulnerability has been resolved:
Revert "fs/ntfs3: Replace inode_trylock with inode_lock" (CVE-2025-39734)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: do not allow relocation of partially dropped subvolumes (CVE-2025-39738)
In the Linux kernel, the following vulnerability has been resolved:
rcu: Fix rcu_read_unlock() deadloop due to IRQ work (CVE-2025-39744)
In the Linux kernel, the following vulnerability has been resolved:
bpf: Forget ranges when refining tnum after JSET (CVE-2025-39748)
In the Linux kernel, the following vulnerability has been resolved:
rcu: Protect ->defer_qs_iw_pending from data race (CVE-2025-39749)
In the Linux kernel, the following vulnerability has been resolved:
mm/smaps: fix race between smaps_hugetlb_range and migration (CVE-2025-39754)
In the Linux kernel, the following vulnerability has been resolved:
fs: Prevent file descriptor table allocations exceeding INT_MAX (CVE-2025-39756)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: qgroup: fix race between quota disable and quota rescan ioctl (CVE-2025-39759)
In the Linux kernel, the following vulnerability has been resolved:
usb: core: config: Prevent OOB read in SS endpoint companion parsing (CVE-2025-39760)
In the Linux kernel, the following vulnerability has been resolved:
ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (CVE-2025-39763)
In the Linux kernel, the following vulnerability has been resolved:
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (CVE-2025-39766)
In the Linux kernel, the following vulnerability has been resolved:
net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (CVE-2025-39770)
In the Linux kernel, the following vulnerability has been resolved:
net: bridge: fix soft lockup in br_multicast_query_expired() (CVE-2025-39773)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: subpage: keep TOWRITE tag until folio is cleaned (CVE-2025-39779)
In the Linux kernel, the following vulnerability has been resolved:
sched/ext: Fix invalid task state transitions on class switch (CVE-2025-39780)
In the Linux kernel, the following vulnerability has been resolved:
jbd2: prevent softlockup in jbd2_log_do_checkpoint() (CVE-2025-39782)
In the Linux kernel, the following vulnerability has been resolved:
PCI: endpoint: Fix configfs group list head handling (CVE-2025-39783)
In the Linux kernel, the following vulnerability has been resolved:
dm: dm-crypt: Do not partially accept write BIOs with zoned targets (CVE-2025-39791)
In the Linux kernel, the following vulnerability has been resolved:
dm: Always split write BIOs to zoned device limits (CVE-2025-39792)
In the Linux kernel, the following vulnerability has been resolved:
block: avoid possible overflow for chunk_sectors check in blk_stack_limits() (CVE-2025-39795)
In the Linux kernel, the following vulnerability has been resolved:
xfrm: Duplicate SPI Handling (CVE-2025-39797)
In the Linux kernel, the following vulnerability has been resolved:
NFS: Fix the setting of capabilities when automounting a new filesystem (CVE-2025-39798)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (CVE-2025-39800)
In the Linux kernel, the following vulnerability has been resolved:
HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (CVE-2025-39806)
In the Linux kernel, the following vulnerability has been resolved:
sctp: initialize more fields in sctp_v6_from_sk() (CVE-2025-39812)
In the Linux kernel, the following vulnerability has been resolved:
ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (CVE-2025-39813)
In the Linux kernel, the following vulnerability has been resolved:
efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (CVE-2025-39817)
In the Linux kernel, the following vulnerability has been resolved:
fs/smb: Fix inconsistent refcnt update (CVE-2025-39819)
In the Linux kernel, the following vulnerability has been resolved:
KVM: x86: use array_index_nospec with indices that come from guest (CVE-2025-39823)
In the Linux kernel, the following vulnerability has been resolved:
HID: asus: fix UAF via HID_CLAIMED_INPUT validation (CVE-2025-39824)
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix race with concurrent opens in rename(2) (CVE-2025-39825)
In the Linux kernel, the following vulnerability has been resolved:
trace/fgraph: Fix the warning caused by missing unregister notifier (CVE-2025-39829)
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Fix lockdep assertion on sync reset unload event (CVE-2025-39832)
In the Linux kernel, the following vulnerability has been resolved:
xfs: do not propagate ENODATA disk errors into xattr code (CVE-2025-39835)
In the Linux kernel, the following vulnerability has been resolved:
cifs: prevent NULL pointer dereference in UTF16 conversion (CVE-2025-39838)
In the Linux kernel, the following vulnerability has been resolved:
mm: slub: avoid wake up kswapd in set_track_prepare (CVE-2025-39843)
In the Linux kernel, the following vulnerability has been resolved:
mm: move page table sync declarations to linux/pgtable.h (CVE-2025-39844)
In the Linux kernel, the following vulnerability has been resolved:
x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (CVE-2025-39845)
In the Linux kernel, the following vulnerability has been resolved:
vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (CVE-2025-39850)
In the Linux kernel, the following vulnerability has been resolved:
vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (CVE-2025-39851)
In the Linux kernel, the following vulnerability has been resolved:
net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6 (CVE-2025-39852)
In the Linux kernel, the following vulnerability has been resolved:
fs: writeback: fix use-after-free in __mark_inode_dirty() (CVE-2025-39866)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: br_netfilter: do not check confirmed bit in br_nf_local_in() after confirm (CVE-2025-39894)
In the Linux kernel, the following vulnerability has been resolved:
sched: Fix sched_numa_find_nth_cpu() if mask offline (CVE-2025-39895)
In the Linux kernel, the following vulnerability has been resolved:
e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898)
In the Linux kernel, the following vulnerability has been resolved:
mm/userfaultfd: fix kmap_local LIFO ordering for CONFIG_HIGHPTE (CVE-2025-39899)
In the Linux kernel, the following vulnerability has been resolved:
net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y (CVE-2025-39900)
In the Linux kernel, the following vulnerability has been resolved:
mm/slub: avoid accessing metadata when pointer is invalid in object_err() (CVE-2025-39902)
In the Linux kernel, the following vulnerability has been resolved:
of_numa: fix uninitialized memory nodes causing kernel panic (CVE-2025-39903)
Affected Packages:
kernel6.12
Issue Correction:
Run dnf update kernel6.12 --releasever 2023.9.20250929 or dnf update --advisory ALAS2023-2025-1208 --releasever 2023.9.20250929 to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation
aarch64:
python3-perf6.12-6.12.46-66.121.amzn2023.aarch64
kernel-livepatch-6.12.46-66.121-1.0-0.amzn2023.aarch64
perf6.12-debuginfo-6.12.46-66.121.amzn2023.aarch64
kernel6.12-modules-extra-6.12.46-66.121.amzn2023.aarch64
kernel6.12-modules-extra-common-6.12.46-66.121.amzn2023.aarch64
kernel6.12-libbpf-6.12.46-66.121.amzn2023.aarch64
kernel6.12-libbpf-static-6.12.46-66.121.amzn2023.aarch64
kernel6.12-tools-debuginfo-6.12.46-66.121.amzn2023.aarch64
bpftool6.12-debuginfo-6.12.46-66.121.amzn2023.aarch64
kernel6.12-headers-6.12.46-66.121.amzn2023.aarch64
kernel6.12-libbpf-devel-6.12.46-66.121.amzn2023.aarch64
kernel6.12-tools-devel-6.12.46-66.121.amzn2023.aarch64
kernel6.12-tools-6.12.46-66.121.amzn2023.aarch64
kernel6.12-libbpf-debuginfo-6.12.46-66.121.amzn2023.aarch64
bpftool6.12-6.12.46-66.121.amzn2023.aarch64
kernel6.12-6.12.46-66.121.amzn2023.aarch64
python3-perf6.12-debuginfo-6.12.46-66.121.amzn2023.aarch64
perf6.12-6.12.46-66.121.amzn2023.aarch64
kernel6.12-debuginfo-6.12.46-66.121.amzn2023.aarch64
kernel6.12-debuginfo-common-aarch64-6.12.46-66.121.amzn2023.aarch64
kernel6.12-devel-6.12.46-66.121.amzn2023.aarch64
src:
kernel6.12-6.12.46-66.121.amzn2023.src
x86_64:
kernel6.12-tools-6.12.46-66.121.amzn2023.x86_64
python3-perf6.12-debuginfo-6.12.46-66.121.amzn2023.x86_64
kernel6.12-libbpf-static-6.12.46-66.121.amzn2023.x86_64
kernel-livepatch-6.12.46-66.121-1.0-0.amzn2023.x86_64
perf6.12-debuginfo-6.12.46-66.121.amzn2023.x86_64
kernel6.12-tools-devel-6.12.46-66.121.amzn2023.x86_64
bpftool6.12-6.12.46-66.121.amzn2023.x86_64
kernel6.12-libbpf-debuginfo-6.12.46-66.121.amzn2023.x86_64
kernel6.12-tools-debuginfo-6.12.46-66.121.amzn2023.x86_64
kernel6.12-modules-extra-6.12.46-66.121.amzn2023.x86_64
kernel6.12-modules-extra-common-6.12.46-66.121.amzn2023.x86_64
kernel6.12-libbpf-devel-6.12.46-66.121.amzn2023.x86_64
bpftool6.12-debuginfo-6.12.46-66.121.amzn2023.x86_64
python3-perf6.12-6.12.46-66.121.amzn2023.x86_64
kernel6.12-libbpf-6.12.46-66.121.amzn2023.x86_64
kernel6.12-headers-6.12.46-66.121.amzn2023.x86_64
kernel6.12-6.12.46-66.121.amzn2023.x86_64
perf6.12-6.12.46-66.121.amzn2023.x86_64
kernel6.12-debuginfo-6.12.46-66.121.amzn2023.x86_64
kernel6.12-debuginfo-common-x86_64-6.12.46-66.121.amzn2023.x86_64
kernel6.12-devel-6.12.46-66.121.amzn2023.x86_64
2025-10-18: CVE-2025-39895 was added to this advisory.
2025-10-08: CVE-2025-39903 was added to this advisory.
2025-10-08: CVE-2025-39899 was added to this advisory.
2025-10-08: CVE-2025-39902 was added to this advisory.
2025-10-08: CVE-2025-39900 was added to this advisory.
2025-10-08: CVE-2025-39898 was added to this advisory.
2025-10-08: CVE-2025-39894 was added to this advisory.