ALAS2023-2026-1711

Package updates are available for Amazon Linux 2023 that fix the following vulnerabilities: CVE-2026-43315: In the Linux kernel, the following vulnerability has been resolved:

KVM: nSVM: Remove a user-triggerable WARN on nested_svm_load_cr3() succeeding

CVE-2026-43314: In the Linux kernel, the following vulnerability has been resolved:

dm: remove fake timeout to avoid leak request

CVE-2026-43313: In the Linux kernel, the following vulnerability has been resolved:

ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4()

CVE-2026-43309: In the Linux kernel, the following vulnerability has been resolved:

md raid: fix hang when stopping arrays with metadata through dm-raid

CVE-2026-43306: In the Linux kernel, the following vulnerability has been resolved:

bpf: crypto: Use the correct destructor kfunc type

CVE-2026-43304: In the Linux kernel, the following vulnerability has been resolved:

libceph: define and enforce CEPH_MAX_KEY_LEN

CVE-2026-43303: In the Linux kernel, the following vulnerability has been resolved:

mm/page_alloc: clear page->private in free_pages_prepare()

CVE-2026-43292: In the Linux kernel, the following vulnerability has been resolved:

mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node

CVE-2026-43289: In the Linux kernel, the following vulnerability has been resolved:

kexec: derive purgatory entry from symbol

CVE-2026-43288: In the Linux kernel, the following vulnerability has been resolved:

ext4: move ext4_percpu_param_init() before ext4_mb_init()

CVE-2026-43287: In the Linux kernel, the following vulnerability has been resolved:

drm: Account property blob allocations to memcg

CVE-2026-43286: In the Linux kernel, the following vulnerability has been resolved:

mm/hugetlb: restore failed global reservations to subpool

CVE-2026-43285: In the Linux kernel, the following vulnerability has been resolved:

mm/slab: do not access current->mems_allowed_seq if !allow_spin

CVE-2026-43281:...