Amazon Linux 2023 Security Advisory: ALAS2023-2026-1882
Advisory Released Date: 2026-06-22
Advisory Updated Date: 2026-06-22
In the Linux kernel, the following vulnerabilities have been resolved:
arm64: mm: fix VA-range sanity check (CVE-2023-53989)
iommu/amd/pgtbl: Fix possible race while increase page table level (CVE-2025-39961)
net: add proper RCU protection to /proc/net/ptype (CVE-2026-23255)
netfilter: nf_tables: unconditionally bump set->nelems before insertion (CVE-2026-23272)
nf_tables: nft_dynset: fix possible stateful expression memleak in error path (CVE-2026-23399)
ipv6: add NULL checks for idev in SRv6 paths (CVE-2026-23442)
netfilter: conntrack: add missing netlink policy validations (CVE-2026-31407)
net: bonding: fix use-after-free in bond_xmit_broadcast() (CVE-2026-31419)
bcache: fix cached_dev.sb_bio use-after-free and crash (CVE-2026-31580)
mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (CVE-2026-31586)
KVM: x86: Use scratch field in MMIO fragment to hold small write values (CVE-2026-31588)
KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (CVE-2026-31590)
usbip: validate number_of_packets in usbip_pack_ret_submit() (CVE-2026-31607)
smb: client: fix OOB reads parsing symlink error response (CVE-2026-31613)
xfrm: hold dev ref until after transport_finish NF_HOOK (CVE-2026-31663)
af_unix: read UNIX_DIAG_VFS data under unix_state_lock (CVE-2026-31673)
netfilter: xt_multiport: validate range encoding in checkentry (CVE-2026-31681)
net: sched: act_csum: validate nested VLAN headers (CVE-2026-31684)
netfilter: ip6t_eui64: reject invalid MAC header for all packets (CVE-2026-31685)
rtnetlink: add missing netlink_ns_capable() check for peer netns (CVE-2026-31692)
net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (CVE-2026-31700)
smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path (CVE-2026-31708)
fs/ntfs3: validate rec->used in journal-replay file record check (CVE-2026-31716)
dcache: Limit the minimal number of bucket to two (CVE-2026-43071)
perf/x86/intel/uncore: Skip discovery table for offline dies (CVE-2026-43079)
net: ioam6: fix OOB and missing lock (CVE-2026-43083)
netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator (CVE-2026-43085)
xfrm_user: fix info leak in build_mapping() (CVE-2026-43089)
xsk: tighten UMEM headroom validation to account for tailroom and min frame (CVE-2026-43093)
ixgbevf: add missing negotiate_features op to Hyper-V ops table (CVE-2026-43094)
fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (CVE-2026-43112)
netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry (CVE-2026-43114)
netfilter: ctnetlink: ensure safe access to master conntrack (CVE-2026-43116)
btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (CVE-2026-43117)
smb: client: require a full NFS mode SID before reading mode bits (CVE-2026-43350)
crypto: pcrypt - Fix handling of MAY_BACKLOG requests (CVE-2026-43493)
net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked (CVE-2026-43496)
rtmutex: Use waiter::task instead of current in remove_waiter() (CVE-2026-43499)
net/rds: handle zerocopy send cleanup before the message is queued (CVE-2026-43502)
bpf: fix end-of-list detection in cgroup_storage_get_next_key() (CVE-2026-45838)
bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec() (CVE-2026-45839)
openvswitch: cap upcall PID array size and pre-size vport replies (CVE-2026-45840)
netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (CVE-2026-45841)
slip: reject VJ receive packets on instances with no rstate array (CVE-2026-45842)
slip: bound decode() reads against the compressed packet length (CVE-2026-45843)
KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 (CVE-2026-45987)
scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails (CVE-2026-45997)
tcp: call sk_data_ready() after listener migration (CVE-2026-46015)
dm mirror: fix integer overflow in create_dirty_log() (CVE-2026-46023)
libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() (CVE-2026-46024)
crypto: authencesn - reject short ahash digests during instance creation (CVE-2026-46033)
ipv4: icmp: validate reply type before using icmp_pointers (CVE-2026-46037)
inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails (CVE-2026-46040)
ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all() (CVE-2026-46046)
md/raid10: fix deadlock with check operation and nowait requests (CVE-2026-46050)
md/raid5: fix soft lockup in retry_aligned_read() (CVE-2026-46051)
net: rds: fix MR cleanup on copy error (CVE-2026-46053)
ntfs3: fix integer overflow in run_unpack() volume boundary check (CVE-2026-46062)
md/raid5: validate payload size before accessing journal metadata (CVE-2026-46070)
ntfs3: add buffer boundary checks to run_unpack() (CVE-2026-46072)
erofs: fix the out-of-bounds nameoff handling for trailing dirents (CVE-2026-46078)
rbd: fix null-ptr-deref when device_add_disk() fails (CVE-2026-46079)
KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 (CVE-2026-46082)
net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels (CVE-2026-46099)
netfilter: reject zero shift in nft_bitwise (CVE-2026-46101)
net: strparser: fix skb_head leak in strp_abort_strp() (CVE-2026-46102)
dm-thin: fix metadata refcount underflow (CVE-2026-46107)
KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (CVE-2026-46113)
libceph: Fix slab-out-of-bounds access in auth message processing (CVE-2026-46119)
ip6_gre: Use cached t->net in ip6erspan_changelink(). (CVE-2026-46120)
isofs: validate block number from NFS file handle in isofs_export_iget (CVE-2026-46124)
btrfs: fix double free in create_space_info() error path (CVE-2026-46129)
net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo (CVE-2026-46132)
scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show() (CVE-2026-46149)
fanotify: fix false positive on permission events (CVE-2026-46150)
md/raid10: fix divide-by-zero in setup_geo() with zero far_copies (CVE-2026-46161)
openvswitch: vport: fix self-deadlock on release of tunnel ports (CVE-2026-46165)
mptcp: fix scheduling with atomic in timestamp sockopt (CVE-2026-46168)
ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (CVE-2026-46172)
exit: prevent preemption of oopsing TASK_DEAD task (CVE-2026-46173)
smb/client: fix out-of-bounds read in symlink_data() (CVE-2026-46185)
drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (CVE-2026-46209)
vsock/virtio: fix accept queue count leak on transport mismatch (CVE-2026-46214)
sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CVE-2026-46227)
vsock: fix buffer size clamping order (CVE-2026-46234)
eventpoll: fix ep_remove struct eventpoll / struct file UAF (CVE-2026-46242)
io-wq: check that the predecessor is hashed in io_wq_remove_pending() (CVE-2026-46274)
dm: fix a buffer overflow in ioctl processing (CVE-2026-46294)
flow_dissector: do not dissect PPPoE PFC frames (CVE-2026-46306)
Affected Packages:
kernel
Issue Correction:
Run dnf update kernel --releasever 2023.12.20260622 or dnf update --advisory ALAS2023-2026-1882 --releasever 2023.12.20260622 to update your system.
More information on how to update your system can be found in the Amazon Linux 2023 documentation.
aarch64:
kernel-livepatch-6.1.175-219.357-1.0-0.amzn2023.aarch64
kernel-tools-devel-6.1.175-219.357.amzn2023.aarch64
perf-6.1.175-219.357.amzn2023.aarch64
kernel-tools-6.1.175-219.357.amzn2023.aarch64
python3-perf-debuginfo-6.1.175-219.357.amzn2023.aarch64
kernel-modules-extra-6.1.175-219.357.amzn2023.aarch64
kernel-headers-6.1.175-219.357.amzn2023.aarch64
python3-perf-6.1.175-219.357.amzn2023.aarch64
kernel-modules-extra-common-6.1.175-219.357.amzn2023.aarch64
perf-debuginfo-6.1.175-219.357.amzn2023.aarch64
bpftool-debuginfo-6.1.175-219.357.amzn2023.aarch64
bpftool-6.1.175-219.357.amzn2023.aarch64
kernel-debuginfo-6.1.175-219.357.amzn2023.aarch64
kernel-tools-debuginfo-6.1.175-219.357.amzn2023.aarch64
kernel-6.1.175-219.357.amzn2023.aarch64
kernel-debuginfo-common-aarch64-6.1.175-219.357.amzn2023.aarch64
kernel-devel-6.1.175-219.357.amzn2023.aarch64
src:
kernel-6.1.175-219.357.amzn2023.src
x86_64:
kernel-debuginfo-6.1.175-219.357.amzn2023.x86_64
perf-debuginfo-6.1.175-219.357.amzn2023.x86_64
python3-perf-debuginfo-6.1.175-219.357.amzn2023.x86_64
perf-6.1.175-219.357.amzn2023.x86_64
bpftool-6.1.175-219.357.amzn2023.x86_64
kernel-modules-extra-6.1.175-219.357.amzn2023.x86_64
kernel-modules-extra-common-6.1.175-219.357.amzn2023.x86_64
kernel-livepatch-6.1.175-219.357-1.0-0.amzn2023.x86_64
kernel-tools-devel-6.1.175-219.357.amzn2023.x86_64
python3-perf-6.1.175-219.357.amzn2023.x86_64
kernel-tools-6.1.175-219.357.amzn2023.x86_64
kernel-tools-debuginfo-6.1.175-219.357.amzn2023.x86_64
bpftool-debuginfo-6.1.175-219.357.amzn2023.x86_64
kernel-headers-6.1.175-219.357.amzn2023.x86_64
kernel-6.1.175-219.357.amzn2023.x86_64
kernel-debuginfo-common-x86_64-6.1.175-219.357.amzn2023.x86_64
kernel-devel-6.1.175-219.357.amzn2023.x86_64