Detections
Analytics

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-864)

high Nessus Plugin ID 232713

Language:

Synopsis

The remote Amazon Linux 2023 host is missing a security update.

Description

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-864 advisory.

 In the Linux kernel, the following vulnerability has been resolved:

 xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472)

 In the Linux kernel, the following vulnerability has been resolved:

 netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042)

 In the Linux kernel, the following vulnerability has been resolved:

 scsi: mpi3mr: Sanitise num_phys (CVE-2024-42159)

 In the Linux kernel, the following vulnerability has been resolved:

 mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines (CVE-2024-42258)

 In the Linux kernel, the following vulnerability has been resolved:

 drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (CVE-2024-42259)

 In the Linux kernel, the following vulnerability has been resolved:

 net/mlx5: Fix missing lock on sync reset reload (CVE-2024-42268)

 In the Linux kernel, the following vulnerability has been resolved:

 netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init(). (CVE-2024-42269)

 In the Linux kernel, the following vulnerability has been resolved:

 netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init(). (CVE-2024-42270)

 In the Linux kernel, the following vulnerability has been resolved:

 nvme-pci: add missing condition check for existence of mapped data (CVE-2024-42276)

 In the Linux kernel, the following vulnerability has been resolved:

 bpf: Fix a segment issue when downgrading gso_size (CVE-2024-42281)

 In the Linux kernel, the following vulnerability has been resolved:

 net: nexthop: Initialize all fields in dumped nexthops (CVE-2024-42283)

 In the Linux kernel, the following vulnerability has been resolved:

 RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (CVE-2024-42285)

 In the Linux kernel, the following vulnerability has been resolved:

 kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)

 In the Linux kernel, the following vulnerability has been resolved:

 fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed (CVE-2024-42299)

 In the Linux kernel, the following vulnerability has been resolved:

 PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (CVE-2024-42302)

 In the Linux kernel, the following vulnerability has been resolved:

 ext4: make sure the first directory block is not a hole (CVE-2024-42304)

 In the Linux kernel, the following vulnerability has been resolved:

 ext4: check dot and dotdot of dx_root before making dir indexed (CVE-2024-42305)

 In the Linux kernel, the following vulnerability has been resolved:

 udf: Avoid using corrupted block bitmap buffer (CVE-2024-42306)

 In the Linux kernel, the following vulnerability has been resolved:

 cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (CVE-2024-42307)

 In the Linux kernel, the following vulnerability has been resolved:

 sysctl: always initialize i_uid/i_gid (CVE-2024-42312)

 In the Linux kernel, the following vulnerability has been resolved:

 mm/mglru: fix div-by-zero in vmpressure_calc_level() (CVE-2024-42316)

 In the Linux kernel, the following vulnerability has been resolved:

 net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE (CVE-2024-42321)

 In the Linux kernel, the following vulnerability has been resolved:

 net: missing check virtio (CVE-2024-43817)

 In the Linux kernel, the following vulnerability has been resolved:

 PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() (CVE-2024-43823)

 In the Linux kernel, the following vulnerability has been resolved:

 ext4: fix infinite loop when replaying fast_commit (CVE-2024-43828)

 In the Linux kernel, the following vulnerability has been resolved:

 leds: trigger: Unregister sysfs attributes before calling deactivate() (CVE-2024-43830)

 In the Linux kernel, the following vulnerability has been resolved:

 xdp: fix invalid wait context of page_pool_destroy() (CVE-2024-43834)

 In the Linux kernel, the following vulnerability has been resolved:

 bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT (CVE-2024-43837)

 In the Linux kernel, the following vulnerability has been resolved:

 cgroup/cpuset: Prevent UAF in proc_cpuset_show() (CVE-2024-43853)

 In the Linux kernel, the following vulnerability has been resolved:

 block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854)

 In the Linux kernel, the following vulnerability has been resolved:

 md: fix deadlock between mddev_suspend and flush bio (CVE-2024-43855)

 In the Linux kernel, the following vulnerability has been resolved:

 dma: fix call order in dmam_free_coherent (CVE-2024-43856)

 In the Linux kernel, the following vulnerability has been resolved:

 perf: Fix event leak upon exec and file release (CVE-2024-43869)

 In the Linux kernel, the following vulnerability has been resolved:

 perf: Fix event leak upon exit (CVE-2024-43870)

 In the Linux kernel, the following vulnerability has been resolved:

 devres: Fix memory leakage caused by driver API devm_free_percpu() (CVE-2024-43871)

 In the Linux kernel, the following vulnerability has been resolved:

 vhost/vsock: always initialize seqpacket_allow (CVE-2024-43873)

 In the Linux kernel, the following vulnerability has been resolved:

 exec: Fix ToCToU between perm check and set-uid/gid usage (CVE-2024-43882)

 In the Linux kernel, the following vulnerability has been resolved:

 usb: vhci-hcd: Do not drop references before new references are gained (CVE-2024-43883)

 In the Linux kernel, the following vulnerability has been resolved:

 padata: Fix possible divide-by-0 panic in padata_mt_helper() (CVE-2024-43889)

 In the Linux kernel, the following vulnerability has been resolved:

 serial: core: check uartclk for zero to avoid divide by zero (CVE-2024-43893)

 In the Linux kernel, the following vulnerability has been resolved:

 drm/client: fix null pointer dereference in drm_client_modeset_probe (CVE-2024-43894)

 In the Linux kernel, the following vulnerability has been resolved:

 md/raid5: avoid BUG_ON() while continue reshape after reassembling (CVE-2024-43914)

 In the Linux kernel, the following vulnerability has been resolved:

 net: bridge: mcast: wait for previous gc cycles when removing port (CVE-2024-44934)

 In the Linux kernel, the following vulnerability has been resolved:

 sctp: Fix null-ptr-deref in reuseport_add_sock(). (CVE-2024-44935)

 In the Linux kernel, the following vulnerability has been resolved:

 netfilter: ctnetlink: use helper function to calculate expect ID (CVE-2024-44944)

 In the Linux kernel, the following vulnerability has been resolved:

 x86/mtrr: Check if fixed MTRRs exist before saving them (CVE-2024-44948)

 In the Linux kernel, the following vulnerability has been resolved:

 sched/smt: Fix unbalance sched_smt_present dec/inc (CVE-2024-44958)

 In the Linux kernel, the following vulnerability has been resolved:

 x86/mm: Fix pti_clone_pgtable() alignment assumption (CVE-2024-44965)

 In the Linux kernel, the following vulnerability has been resolved:

 net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (CVE-2024-44970)

 In the Linux kernel, the following vulnerability has been resolved:

 netfilter: nf_set_pipapo: fix initial map fill (CVE-2024-57947)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'dnf update kernel --releasever 2023.6.20250303' or or 'dnf update --advisory ALAS2023-2025-864 --releasever 2023.6.20250303' to update your system.

See Also

https://alas.aws.amazon.com//AL2023/ALAS2023-2025-864.html

https://alas.aws.amazon.com/faqs.html

https://explore.alas.aws.amazon.com/CVE-2024-39472.html

https://explore.alas.aws.amazon.com/CVE-2024-41042.html

https://explore.alas.aws.amazon.com/CVE-2024-42159.html

https://explore.alas.aws.amazon.com/CVE-2024-42258.html

https://explore.alas.aws.amazon.com/CVE-2024-42259.html

https://explore.alas.aws.amazon.com/CVE-2024-42268.html

https://explore.alas.aws.amazon.com/CVE-2024-42269.html

https://explore.alas.aws.amazon.com/CVE-2024-42270.html

https://explore.alas.aws.amazon.com/CVE-2024-42276.html

https://explore.alas.aws.amazon.com/CVE-2024-42281.html

https://explore.alas.aws.amazon.com/CVE-2024-42283.html

https://explore.alas.aws.amazon.com/CVE-2024-42285.html

https://explore.alas.aws.amazon.com/CVE-2024-42292.html

https://explore.alas.aws.amazon.com/CVE-2024-42299.html

https://explore.alas.aws.amazon.com/CVE-2024-42302.html

https://explore.alas.aws.amazon.com/CVE-2024-42304.html

https://explore.alas.aws.amazon.com/CVE-2024-42305.html

https://explore.alas.aws.amazon.com/CVE-2024-42306.html

https://explore.alas.aws.amazon.com/CVE-2024-42307.html

https://explore.alas.aws.amazon.com/CVE-2024-42312.html

https://explore.alas.aws.amazon.com/CVE-2024-42316.html

https://explore.alas.aws.amazon.com/CVE-2024-42321.html

https://explore.alas.aws.amazon.com/CVE-2024-43817.html

https://explore.alas.aws.amazon.com/CVE-2024-43823.html

https://explore.alas.aws.amazon.com/CVE-2024-43828.html

https://explore.alas.aws.amazon.com/CVE-2024-43830.html

https://explore.alas.aws.amazon.com/CVE-2024-43834.html

https://explore.alas.aws.amazon.com/CVE-2024-43837.html

https://explore.alas.aws.amazon.com/CVE-2024-43853.html

https://explore.alas.aws.amazon.com/CVE-2024-43854.html

https://explore.alas.aws.amazon.com/CVE-2024-43855.html

https://explore.alas.aws.amazon.com/CVE-2024-43856.html

https://explore.alas.aws.amazon.com/CVE-2024-43869.html

https://explore.alas.aws.amazon.com/CVE-2024-43870.html

https://explore.alas.aws.amazon.com/CVE-2024-43871.html

https://explore.alas.aws.amazon.com/CVE-2024-43873.html

https://explore.alas.aws.amazon.com/CVE-2024-43882.html

https://explore.alas.aws.amazon.com/CVE-2024-43883.html

https://explore.alas.aws.amazon.com/CVE-2024-43889.html

https://explore.alas.aws.amazon.com/CVE-2024-43893.html

https://explore.alas.aws.amazon.com/CVE-2024-43894.html

https://explore.alas.aws.amazon.com/CVE-2024-43914.html

https://explore.alas.aws.amazon.com/CVE-2024-44934.html

https://explore.alas.aws.amazon.com/CVE-2024-44935.html

https://explore.alas.aws.amazon.com/CVE-2024-44944.html

https://explore.alas.aws.amazon.com/CVE-2024-44948.html

https://explore.alas.aws.amazon.com/CVE-2024-44958.html

https://explore.alas.aws.amazon.com/CVE-2024-44965.html

https://explore.alas.aws.amazon.com/CVE-2024-44970.html

https://explore.alas.aws.amazon.com/CVE-2024-57947.html

Plugin Details

Severity: High

ID: 232713

File Name: al2023_ALAS2023-2025-864.nasl

Version: 1.5

Type: local

Agent: unix

Published: 3/14/2025

Updated: 10/6/2025

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-44934

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:kernel-modules-extra-common, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:kernel-modules-extra, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:python3-perf, p-cpe:/a:amazon:linux:kernel-libbpf-static, p-cpe:/a:amazon:linux:kernel-livepatch-6.1.106-116.188, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-libbpf, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-libbpf-devel, p-cpe:/a:amazon:linux:kernel-headers, p-cpe:/a:amazon:linux:kernel-tools-devel, cpe:/o:amazon:linux:2023, p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:python3-perf-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Available: true

Exploit Ease: No known exploits are available

Patch Publication Date: 2/26/2025

Vulnerability Publication Date: 7/29/2024

Reference Information

CVE: CVE-2024-39472, CVE-2024-41042, CVE-2024-42159, CVE-2024-42258, CVE-2024-42259, CVE-2024-42268, CVE-2024-42269, CVE-2024-42270, CVE-2024-42276, CVE-2024-42281, CVE-2024-42283, CVE-2024-42285, CVE-2024-42292, CVE-2024-42299, CVE-2024-42302, CVE-2024-42304, CVE-2024-42305, CVE-2024-42306, CVE-2024-42307, CVE-2024-42312, CVE-2024-42316, CVE-2024-42321, CVE-2024-43817, CVE-2024-43823, CVE-2024-43828, CVE-2024-43830, CVE-2024-43834, CVE-2024-43837, CVE-2024-43853, CVE-2024-43854, CVE-2024-43855, CVE-2024-43856, CVE-2024-43869, CVE-2024-43870, CVE-2024-43871, CVE-2024-43873, CVE-2024-43882, CVE-2024-43883, CVE-2024-43889, CVE-2024-43893, CVE-2024-43894, CVE-2024-43914, CVE-2024-44934, CVE-2024-44935, CVE-2024-44944, CVE-2024-44948, CVE-2024-44958, CVE-2024-44965, CVE-2024-44970, CVE-2024-57947