Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-104 (ALASKERNEL-5.10-2025-104)

medium Nessus Plugin ID 265084

Language:

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of kernel installed on the remote host is prior to 5.10.242-239.961. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-104 advisory.

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix deadlock when cloning inline extents and using qgroups (CVE-2021-46987)

In the Linux kernel, the following vulnerability has been resolved:

uio_hv_generic: Fix another memory leak in error handling paths (CVE-2021-47070)

In the Linux kernel, the following vulnerability has been resolved:

RDMA/rxe: Return CQE error if invalid lkey was supplied (CVE-2021-47076)

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Fix link down processing to address NULL pointer dereference (CVE-2021-47183)

In the Linux kernel, the following vulnerability has been resolved:

block: don't call rq_qos_ops->done_bio if the bio isn't tracked (CVE-2021-47412)

In the Linux kernel, the following vulnerability has been resolved:

ptp: Fix possible memory leak in ptp_clock_register() (CVE-2021-47455)

In the Linux kernel, the following vulnerability has been resolved:

dm rq: don't queue request to blk-mq during DM suspend (CVE-2021-47498)

In the Linux kernel, the following vulnerability has been resolved:

ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (CVE-2022-50327)

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix UAF in decryption with multichannel (CVE-2025-37750)

In the Linux kernel, the following vulnerability has been resolved:

virtio-net: ensure the received length does not exceed allocated size (CVE-2025-38375)

In the Linux kernel, the following vulnerability has been resolved:

usb: net: sierra: check for no status endpoint (CVE-2025-38474)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: sch_qfq: Fix race condition on qfq_aggregate (CVE-2025-38477)

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix use-after-free in crypt_message when using async crypto (CVE-2025-38488)

In the Linux kernel, the following vulnerability has been resolved:

HID: core: do not bypass hid_hw_raw_request (CVE-2025-38494)

In the Linux kernel, the following vulnerability has been resolved:

HID: core: ensure the allocated report buffer can contain the reserved report ID (CVE-2025-38495)

In the Linux kernel, the following vulnerability has been resolved:

clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (CVE-2025-38499)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: Restrict conditions for adding duplicating netems to qdisc tree (CVE-2025-38553)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: reject malicious packets in ipv6_gso_segment() (CVE-2025-38572)

In the Linux kernel, the following vulnerability has been resolved:

net/packet: fix a race in packet_set_ring() and packet_notifier() (CVE-2025-38617)

In the Linux kernel, the following vulnerability has been resolved:

vsock: Do not allow binding to VMADDR_PORT_ANY (CVE-2025-38618)

In the Linux kernel, the following vulnerability has been resolved:

net: drop UFO packets in udp_rcv_segment() (CVE-2025-38622)

In the Linux kernel, the following vulnerability has been resolved:

hfsplus: remove mutex_lock check in hfsplus_free_extents (CVE-2025-38650)

In the Linux kernel, the following vulnerability has been resolved:

regulator: core: fix NULL dereference on unbind due to stale coupling data (CVE-2025-38668)

In the Linux kernel, the following vulnerability has been resolved:

hv_netvsc: Fix panic during namespace deletion with VF (CVE-2025-38683)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: ets: use old 'nbands' while purging unused classes (CVE-2025-38684)

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (CVE-2025-38695)

In the Linux kernel, the following vulnerability has been resolved:

scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (CVE-2025-38700)

In the Linux kernel, the following vulnerability has been resolved:

ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (CVE-2025-38701)

In the Linux kernel, the following vulnerability has been resolved:

hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (CVE-2025-38713)

In the Linux kernel, the following vulnerability has been resolved:

hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (CVE-2025-38714)

In the Linux kernel, the following vulnerability has been resolved:

sctp: linearize cloned gso packets in sctp_rcv (CVE-2025-38718)

In the Linux kernel, the following vulnerability has been resolved:

nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (CVE-2025-38724)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_reject: don't leak dst refcount for loopback packets (CVE-2025-38732)

In the Linux kernel, the following vulnerability has been resolved:

tracing: Limit access to parser->buffer when trace_get_user failed (CVE-2025-39683)

In the Linux kernel, the following vulnerability has been resolved:

ftrace: Also allocate and copy hash for reading of filter files (CVE-2025-39689)

In the Linux kernel, the following vulnerability has been resolved:

fs/buffer: fix use-after-free when call bh_read() helper (CVE-2025-39691)

In the Linux kernel, the following vulnerability has been resolved:

NFS: Fix a race when updating an existing write (CVE-2025-39697)

In the Linux kernel, the following vulnerability has been resolved:

NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CVE-2025-39730)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (CVE-2025-39766)

In the Linux kernel, the following vulnerability has been resolved:

efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (CVE-2025-39817)

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: use array_index_nospec with indices that come from guest (CVE-2025-39823)

In the Linux kernel, the following vulnerability has been resolved:

HID: asus: fix UAF via HID_CLAIMED_INPUT validation (CVE-2025-39824)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update kernel' or or 'yum update --advisory ALAS2KERNEL-5.10-2025-104' to update your system.

Plugin Details

Severity: Medium

ID: 265084

File Name: al2_ALASKERNEL-5_10-2025-104.nasl

Version: 1.2

Type: local

Agent: unix

Family: Amazon Linux Local Security Checks

Published: 9/16/2025

Updated: 9/26/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.7

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2021-47455

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:python-perf, cpe:/o:amazon:linux:2, p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-headers, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:python-perf-debuginfo, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-livepatch-5.10.242-239.961

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 9/16/2025

Vulnerability Publication Date: 5/10/2022

Reference Information

CVE: CVE-2021-46987, CVE-2021-47070, CVE-2021-47076, CVE-2021-47183, CVE-2021-47412, CVE-2021-47455, CVE-2021-47498, CVE-2022-50327, CVE-2025-37750, CVE-2025-38375, CVE-2025-38474, CVE-2025-38477, CVE-2025-38488, CVE-2025-38494, CVE-2025-38495, CVE-2025-38499, CVE-2025-38553, CVE-2025-38572, CVE-2025-38617, CVE-2025-38618, CVE-2025-38622, CVE-2025-38650, CVE-2025-38668, CVE-2025-38683, CVE-2025-38684, CVE-2025-38695, CVE-2025-38700, CVE-2025-38701, CVE-2025-38713, CVE-2025-38714, CVE-2025-38718, CVE-2025-38724, CVE-2025-38732, CVE-2025-39683, CVE-2025-39689, CVE-2025-39691, CVE-2025-39697, CVE-2025-39730, CVE-2025-39766, CVE-2025-39817, CVE-2025-39823, CVE-2025-39824

Detections

Analytics