Package updates are available for Amazon Linux 2023 that fix the following vulnerabilities:
CVE-2025-68321: In the Linux kernel, the following vulnerability has been resolved:
page_pool: always add GFP_NOWARN for ATOMIC allocations
CVE-2025-68295: In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix memory leak in cifs_construct_tcon()
CVE-2025-68288: In the Linux kernel, the following vulnerability has been resolved:
usb: storage: Fix memory leak in USB bulk transport
CVE-2025-68287: In the Linux kernel, the following vulnerability has been resolved:
usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths
CVE-2025-68285: In the Linux kernel, the following vulnerability has been resolved:
libceph: fix potential use-after-free in have_mon_and_osd_map()
CVE-2025-68284: In the Linux kernel, the following vulnerability has been resolved:
libceph: prevent potential out-of-bounds writes in handle_auth_session_key()
CVE-2025-68283: In the Linux kernel, the following vulnerability has been resolved:
libceph: replace BUG_ON with bounds check for map->max_osd
CVE-2025-68244: In the Linux kernel, the following vulnerability has been resolved:
drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD
CVE-2025-68241: In the Linux kernel, the following vulnerability has been resolved:
ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe
CVE-2025-68231: In the Linux kernel, the following vulnerability has been resolved:
mm/mempool: fix poisoning order>0 pages with HIGHMEM
CVE-2025-68229: In the Linux kernel, the following vulnerability has been resolved:
scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show()
CVE-2025-68227: In the Linux kernel, the following vulnerability has been resolved:
mptcp: Fix proto fallback detection with BPF
CVE-2025-68224: In the Linux kernel, the following vulnerability has been resolved:
scsi: core: Fix a regression triggered by scsi_host_busy()
CVE-2025-68214: In the Linux kernel, the following vulnerability has been resolved:
timers: Fix NULL function pointer race in timer_shutdown_sync()
CVE-2025-68200: In the Linux kernel, the following vulnerability has been resolved:
bpf: Add bpf_prog_run_data_pointers()
CVE-2025-68191: In the Linux kernel, the following vulnerability has been resolved:
udp_tunnel: use netdev_warn() instead of netdev_WARN()
CVE-2025-68185: In the Linux kernel, the following vulnerability has been resolved:
nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing
CVE-2025-68173: In the Linux kernel, the following vulnerability has been resolved:
ftrace: Fix softlockup in ftrace_module_enable
CVE-2025-68171: In the Linux kernel, the following vulnerability has been resolved:
x86/fpu: Ensure XFD state on signal delivery
CVE-2025-40363: In the Linux kernel, the following vulnerability has been resolved:
net: ipv6: fix field-spanning memcpy warning in AH output
CVE-2025-40361: In the Linux kernel, the following vulnerability has been resolved:
fs: ext4: change GFP_KERNEL to GFP_NOFS to avoid deadlock
CVE-2025-40360: In the Linux kernel, the following vulnerability has been resolved:
drm/sysfb: Do not dereference NULL pointer in plane reset
CVE-2025-40341: In the Linux kernel, the following vulnerability has been resolved:
futex: Don't leak robust_list pointer on exec race
CVE-2025-40331: In the Linux kernel, the following vulnerability has been resolved:
sctp: Prevent TOCTOU out-of-bounds write
CVE-2025-40324: In the Linux kernel, the following vulnerability has been resolved:
NFSD: Fix crash in nfsd4_read_release()
CVE-2025-40323: In the Linux kernel, the following vulnerability has been resolved:
fbcon: Set fb_display[i]->mode to NULL when the mode is released
CVE-2025-40322: In the Linux kernel, the following vulnerability has been resolved:
fbdev: bitblit: bound-check glyph index in bit_putcs*
CVE-2025-40319: In the Linux kernel, the following vulnerability has been resolved:
bpf: Sync pending IRQ work before freeing ring buffer
CVE-2025-40313: In the Linux kernel, the following vulnerability has been resolved:
ntfs3: pretend $Extend records as regular files
CVE-2025-40304: In the Linux kernel, the following vulnerability has been resolved:
fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds
CVE-2025-40297: In the Linux kernel, the following vulnerability has been resolved:
net: bridge: fix use-after-free due to MST port state bypass
CVE-2025-40293: In the Linux kernel, the following vulnerability has been resolved:
iommufd: Don't overflow during division for dirty tracking
CVE-2025-40292: In the Linux kernel, the following vulnerability has been resolved:
virtio-net: fix received length check in big packets
CVE-2025-40281: In the Linux kernel, the following vulnerability has been resolved:
sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto
CVE-2025-40279: In the Linux kernel, the following vulnerability has been resolved:
net: sched: act_connmark: initialize struct tc_ife to fix kernel leak
CVE-2025-40277: In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
CVE-2025-40273: In the Linux kernel, the following vulnerability has been resolved:
NFSD: free copynotify stateid in nfs4_free_ol_stateid()
CVE-2025-40272: In the Linux kernel, the following vulnerability has been resolved:
mm/secretmem: fix use-after-free race in fault handler
CVE-2025-40271: In the Linux kernel, the following vulnerability has been resolved:
fs/proc: fix uaf in proc_readdir_de()
CVE-2025-40264: In the Linux kernel, the following vulnerability has been resolved:
be2net: pass wrb_params in case of OS2BMC
CVE-2025-40259: In the Linux kernel, the following vulnerability has been resolved:
scsi: sg: Do not sleep in atomic context
CVE-2025-40258: In the Linux kernel, the following vulnerability has been resolved:
mptcp: fix race condition in mptcp_schedule_work()
CVE-2025-40257: In the Linux kernel, the following vulnerability has been resolved:
mptcp: fix a race in mptcp_pm_del_add_timer()
CVE-2025-40254: In the Linux kernel, the following vulnerability has been resolved:
net: openvswitch: remove never-working support for setting nsh fields
CVE-2025-40248: In the Linux kernel, the following vulnerability has been resolved:
vsock: Ignore signal/timeout on connect() if already established
CVE-2025-40214: In the Linux kernel, the following vulnerability has been resolved:
af_unix: Initialise scc_index in unix_add_edge().
CVE-2025-40211: In the Linux kernel, the following vulnerability has been resolved:
ACPI: video: Fix use-after-free in acpi_video_switch_brightness()
CVE-2025-40083: In the Linux kernel, the following vulnerability has been resolved:
net/sched: sch_qfq: Fix null-deref in agg_dequeue
CVE-2025-38678: In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: reject duplicate device on updates
CVE-2025-38556: In the Linux kernel, the following vulnerability has been resolved:
HID: core: Harden s32ton() against conversion to 0 bits
CVE-2025-38073: In the Linux kernel, the following vulnerability has been resolved:
block: fix race between set_blocksize and read paths
CVE-2023-53292: In the Linux kernel, the following vulnerability has been resolved:
blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none
Updated package versions: 6.1.159-181.297.amzn2023, 1.0-0.amzn2023