Amazon Linux 2023 Security Advisory: ALAS2023-2026-1816
Advisory Released Date: 2026-06-08
Advisory Updated Date: 2026-06-08
FAQs regarding Amazon Linux ALAS/CVE Severity
In the Linux kernel, the following vulnerability has been resolved:
mm/pagewalk: fix race between concurrent split and refault (CVE-2026-31456)
In the Linux kernel, the following vulnerability has been resolved:
mm/userfaultfd: fix hugetlb fault mutex hash calculation (CVE-2026-31575)
In the Linux kernel, the following vulnerability has been resolved:
fuse: reject oversized dirents in page cache (CVE-2026-31694)
In the Linux kernel, the following vulnerability has been resolved:
net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (CVE-2026-31700)
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path (CVE-2026-31708)
In the Linux kernel, the following vulnerability has been resolved:
smb: client: validate the whole DACL before rewriting it in cifsacl (CVE-2026-31709)
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: validate rec->used in journal-replay file record check (CVE-2026-31716)
In the Linux kernel, the following vulnerability has been resolved:
Buffer overflow in drivers/xen/sys-hypervisor.c (CVE-2026-31786)
In the Linux kernel, the following vulnerability has been resolved:
xen/privcmd: fix double free via VMA splitting (CVE-2026-31787)
In the Linux kernel, the following vulnerability has been resolved:
net: af_key: zero aligned sockaddr tail in PF_KEY exports (CVE-2026-43088)
In the Linux kernel, the following vulnerability has been resolved:
x86: shadow stacks: proper error handling for mmap lock (CVE-2026-43109)
In the Linux kernel, the following vulnerability has been resolved:
smb: client: require a full NFS mode SID before reading mode bits (CVE-2026-43350)
Affected Packages:
kernel6.12
Issue Correction:
Run dnf update kernel6.12 --releasever 2023.12.20260608 or dnf update --advisory ALAS2023-2026-1816 --releasever 2023.12.20260608 to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation
aarch64:
perf6.12-debuginfo-6.12.90-120.164.amzn2023.aarch64
bpftool6.12-6.12.90-120.164.amzn2023.aarch64
kernel6.12-tools-devel-6.12.90-120.164.amzn2023.aarch64
kernel6.12-modules-extra-common-6.12.90-120.164.amzn2023.aarch64
perf6.12-6.12.90-120.164.amzn2023.aarch64
bpftool6.12-debuginfo-6.12.90-120.164.amzn2023.aarch64
python3-perf6.12-debuginfo-6.12.90-120.164.amzn2023.aarch64
kernel6.12-headers-6.12.90-120.164.amzn2023.aarch64
kernel6.12-modules-extra-6.12.90-120.164.amzn2023.aarch64
kernel6.12-tools-6.12.90-120.164.amzn2023.aarch64
kernel6.12-6.12.90-120.164.amzn2023.aarch64
kernel-livepatch-6.12.90-120.164-1.0-0.amzn2023.aarch64
kernel6.12-debuginfo-6.12.90-120.164.amzn2023.aarch64
python3-perf6.12-6.12.90-120.164.amzn2023.aarch64
kernel6.12-tools-debuginfo-6.12.90-120.164.amzn2023.aarch64
kernel6.12-debuginfo-common-aarch64-6.12.90-120.164.amzn2023.aarch64
kernel6.12-devel-6.12.90-120.164.amzn2023.aarch64
src:
kernel6.12-6.12.90-120.164.amzn2023.src
x86_64:
bpftool6.12-debuginfo-6.12.90-120.164.amzn2023.x86_64
bpftool6.12-6.12.90-120.164.amzn2023.x86_64
kernel6.12-tools-debuginfo-6.12.90-120.164.amzn2023.x86_64
kernel6.12-headers-6.12.90-120.164.amzn2023.x86_64
kernel6.12-modules-extra-common-6.12.90-120.164.amzn2023.x86_64
kernel6.12-modules-extra-6.12.90-120.164.amzn2023.x86_64
perf6.12-debuginfo-6.12.90-120.164.amzn2023.x86_64
perf6.12-6.12.90-120.164.amzn2023.x86_64
kernel6.12-6.12.90-120.164.amzn2023.x86_64
kernel6.12-tools-devel-6.12.90-120.164.amzn2023.x86_64
python3-perf6.12-debuginfo-6.12.90-120.164.amzn2023.x86_64
kernel-livepatch-6.12.90-120.164-1.0-0.amzn2023.x86_64
kernel6.12-tools-6.12.90-120.164.amzn2023.x86_64
kernel6.12-debuginfo-6.12.90-120.164.amzn2023.x86_64
python3-perf6.12-6.12.90-120.164.amzn2023.x86_64
kernel6.12-debuginfo-common-x86_64-6.12.90-120.164.amzn2023.x86_64
kernel6.12-devel-6.12.90-120.164.amzn2023.x86_64