Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-876)

Severity: High. Nessus Plugin ID 232711

Synopsis

The remote Amazon Linux 2023 host is missing a security update.

Description

The remote host is affected by multiple vulnerabilities as referenced in the ALAS2023-2025-876 advisory.

In the Linux kernel, the following vulnerabilities have been resolved:

block, bfq: fix bfqq uaf in bfq_limit_depth() (CVE-2024-53166)

usb: xhci: Fix NULL pointer dereference on certain command aborts (CVE-2024-57981)

HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (CVE-2024-57986)

HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check (CVE-2024-57993)

net_sched: sch_sfq: don't allow 1 packet limit (CVE-2024-57996)

safesetid: check size of policy writes (CVE-2024-58016)

HID: multitouch: Add NULL check in mt_input_configured (CVE-2024-58020)

team: prevent adding a device which is already a team device lower (CVE-2024-58071)

KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (CVE-2024-58083)

netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (CVE-2025-21703)

mptcp: handle fastopen disconnect correctly (CVE-2025-21705)

mptcp: pm: only set fullmesh for subflow endp (CVE-2025-21706)

mptcp: consolidate suboption status (CVE-2025-21707)

vxlan: Fix uninit-value in vxlan_vnifilter_dump() (CVE-2025-21716)

ipmr: do not call mr_mfc_uses_dev() for unres entries (CVE-2025-21719)

iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (CVE-2025-21724)

smb: client: fix oops due to unset link speed (CVE-2025-21725)

bpf: Send signals asynchronously if !preemptible (CVE-2025-21728)

ata: libata-sff: Ensure that we cannot write outside the allocated buffer (CVE-2025-21738)

blk-cgroup: Fix class @block_class's subsystem refcount leakage (CVE-2025-21745)

ipv4: use RCU protection in __ip_rt_update_pmtu() (CVE-2025-21766)

clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (CVE-2025-21767)

USB: hub: Ignore non-compliant devices with too many configs or interfaces (CVE-2025-21776)

KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (CVE-2025-21779)

arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CVE-2025-21785)

team: better TEAM_OPTION_TYPE_STRING validation (CVE-2025-21787)

vxlan: check vxlan_vnigroup_init() return value (CVE-2025-21790)

NFSD: fix hang in nfsd4_shutdown_callback (CVE-2025-21795)

net: let net.core.dev_weight always be non-zero (CVE-2025-21806)

ptp: Ensure info->enable callback is always set (CVE-2025-21814)

netfilter: nf_tables: reject mismatching sum of field_len with set key length (CVE-2025-21826)

block: don't revert iter for -EIOCBQUEUED (CVE-2025-21832)

io_uring: fix io_req_prep_async with provided buffers (CVE-2025-40364)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'dnf update kernel --releasever 2023.6.20250303' to update your system.

See Also

https://alas.aws.amazon.com/AL2023/ALAS-2025-876.html

https://alas.aws.amazon.com/faqs.html

https://alas.aws.amazon.com/cve/html/CVE-2024-53166.html

https://alas.aws.amazon.com/cve/html/CVE-2024-57981.html

https://alas.aws.amazon.com/cve/html/CVE-2024-57986.html

https://alas.aws.amazon.com/cve/html/CVE-2024-57993.html

https://alas.aws.amazon.com/cve/html/CVE-2024-57996.html

https://alas.aws.amazon.com/cve/html/CVE-2024-58016.html

https://alas.aws.amazon.com/cve/html/CVE-2024-58020.html

https://alas.aws.amazon.com/cve/html/CVE-2024-58071.html

https://alas.aws.amazon.com/cve/html/CVE-2024-58083.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21703.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21705.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21706.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21707.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21716.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21719.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21724.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21725.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21728.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21738.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21745.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21766.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21767.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21776.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21779.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21785.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21787.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21790.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21795.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21806.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21814.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21826.html

https://alas.aws.amazon.com/cve/html/CVE-2025-21832.html

https://alas.aws.amazon.com/cve/html/CVE-2025-40364.html

Plugin Details

Severity: High

ID: 232711

File Name: al2023_ALAS2023-2025-876.nasl

Version: 1.4

Type: local

Agent: unix

Published: 3/14/2025

Updated: 6/9/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-21785

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:kernel-modules-extra-common, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:kernel-modules-extra, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:python3-perf, p-cpe:/a:amazon:linux:kernel-libbpf-static, p-cpe:/a:amazon:linux:kernel-livepatch-6.1.129-138.220, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-libbpf, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-libbpf-devel, p-cpe:/a:amazon:linux:kernel-headers, p-cpe:/a:amazon:linux:kernel-tools-devel, cpe:/o:amazon:linux:2023, p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:python3-perf-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 2/26/2025

Vulnerability Publication Date: 12/27/2024

Reference Information

CVE: CVE-2024-53166, CVE-2024-57981, CVE-2024-57986, CVE-2024-57993, CVE-2024-57996, CVE-2024-58016, CVE-2024-58020, CVE-2024-58071, CVE-2024-58083, CVE-2025-21703, CVE-2025-21705, CVE-2025-21706, CVE-2025-21707, CVE-2025-21716, CVE-2025-21719, CVE-2025-21724, CVE-2025-21725, CVE-2025-21728, CVE-2025-21738, CVE-2025-21745, CVE-2025-21766, CVE-2025-21767, CVE-2025-21776, CVE-2025-21779, CVE-2025-21785, CVE-2025-21787, CVE-2025-21790, CVE-2025-21795, CVE-2025-21806, CVE-2025-21814, CVE-2025-21826, CVE-2025-21832, CVE-2025-40364