Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1430)

medium Nessus Plugin ID 299530

Language:

Synopsis

The remote Amazon Linux 2023 host is missing a security update.

Description

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1430 advisory.

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: reject duplicate device on updates (CVE-2025-38678)

In the Linux kernel, the following vulnerability has been resolved:

tcp_metrics: use dst_dev_net_rcu() (CVE-2025-40075)

In the Linux kernel, the following vulnerability has been resolved:

nfsd: fix refcount leak in nfsd_set_fh_dentry() (CVE-2025-40212)

In the Linux kernel, the following vulnerability has been resolved:

af_unix: Initialise scc_index in unix_add_edge(). (CVE-2025-40214)

In the Linux kernel, the following vulnerability has been resolved:

xfrm: delete x->tunnel as we delete x (CVE-2025-40215)

In the Linux kernel, the following vulnerability has been resolved:

vsock: Ignore signal/timeout on connect() if already established (CVE-2025-40248)

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: Clean up only new IRQ glue on request_irq() failure (CVE-2025-40250)

In the Linux kernel, the following vulnerability has been resolved:

devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (CVE-2025-40251)

In the Linux kernel, the following vulnerability has been resolved:

net: openvswitch: remove never-working support for setting nsh fields (CVE-2025-40254)

In the Linux kernel, the following vulnerability has been resolved:

mptcp: fix a race in mptcp_pm_del_add_timer() (CVE-2025-40257)

In the Linux kernel, the following vulnerability has been resolved:

mptcp: fix race condition in mptcp_schedule_work() (CVE-2025-40258)

In the Linux kernel, the following vulnerability has been resolved:

scsi: sg: Do not sleep in atomic context (CVE-2025-40259)

In the Linux kernel, the following vulnerability has been resolved:

KVM: arm64: Check the untrusted offset in FF-A memory share (CVE-2025-40266)

In the Linux kernel, the following vulnerability has been resolved:

cifs: client: fix memory leak in smb3_fs_context_parse_param (CVE-2025-40268)

In the Linux kernel, the following vulnerability has been resolved:

fs/proc: fix uaf in proc_readdir_de() (CVE-2025-40271)

In the Linux kernel, the following vulnerability has been resolved:

mm/secretmem: fix use-after-free race in fault handler (CVE-2025-40272)

In the Linux kernel, the following vulnerability has been resolved:

NFSD: free copynotify stateid in nfs4_free_ol_stateid() (CVE-2025-40273)

In the Linux kernel, the following vulnerability has been resolved:

KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (CVE-2025-40274)

In the Linux kernel, the following vulnerability has been resolved:

drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (CVE-2025-40277)

In the Linux kernel, the following vulnerability has been resolved:

net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (CVE-2025-40279)

In the Linux kernel, the following vulnerability has been resolved:

sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto (CVE-2025-40281)

In the Linux kernel, the following vulnerability has been resolved:

exfat: fix improper check of dentry.stream.valid_size (CVE-2025-40287)

In the Linux kernel, the following vulnerability has been resolved:

crash: fix crashkernel resource shrink (CVE-2025-68198)

In the Linux kernel, the following vulnerability has been resolved:

codetag: debug: handle existing CODETAG_EMPTY in mark_objexts_empty for slabobj_ext (CVE-2025-68199)

In the Linux kernel, the following vulnerability has been resolved:

bpf: Add bpf_prog_run_data_pointers() (CVE-2025-68200)

In the Linux kernel, the following vulnerability has been resolved:

sched_ext: Fix unsafe locking in the scx_dump_state() (CVE-2025-68202)

In the Linux kernel, the following vulnerability has been resolved:

bpf: account for current allocated stack depth in widen_imprecise_scalars() (CVE-2025-68208)

In the Linux kernel, the following vulnerability has been resolved:

erofs: avoid infinite loop due to incomplete zstd-compressed data (CVE-2025-68210)

In the Linux kernel, the following vulnerability has been resolved:

timers: Fix NULL function pointer race in timer_shutdown_sync() (CVE-2025-68214)

In the Linux kernel, the following vulnerability has been resolved:

cifs: fix memory leak in smb3_fs_context_parse_param error path (CVE-2025-68219)

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix incomplete backport in cfids_invalidation_worker() (CVE-2025-68226)

In the Linux kernel, the following vulnerability has been resolved:

mptcp: Fix proto fallback detection with BPF (CVE-2025-68227)

In the Linux kernel, the following vulnerability has been resolved:

scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show() (CVE-2025-68229)

In the Linux kernel, the following vulnerability has been resolved:

mm/mempool: fix poisoning order>0 pages with HIGHMEM (CVE-2025-68231)

In the Linux kernel, the following vulnerability has been resolved:

mtdchar: fix integer overflow in read/write ioctls (CVE-2025-68237)

In the Linux kernel, the following vulnerability has been resolved:

ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (CVE-2025-68241)

In the Linux kernel, the following vulnerability has been resolved:

NFS: Fix LTP test failures when timestamps are delegated (CVE-2025-68242)

In the Linux kernel, the following vulnerability has been resolved:

drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD (CVE-2025-68244)

In the Linux kernel, the following vulnerability has been resolved:

KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (CVE-2025-68259)

In the Linux kernel, the following vulnerability has been resolved:

ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (CVE-2025-68261)

In the Linux kernel, the following vulnerability has been resolved:

ext4: refresh inline data size before write operations (CVE-2025-68264)

In the Linux kernel, the following vulnerability has been resolved:

nvme: fix admin request_queue lifetime (CVE-2025-68265)

In the Linux kernel, the following vulnerability has been resolved:

libceph: replace BUG_ON with bounds check for map->max_osd (CVE-2025-68283)

In the Linux kernel, the following vulnerability has been resolved:

libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (CVE-2025-68284)

In the Linux kernel, the following vulnerability has been resolved:

libceph: fix potential use-after-free in have_mon_and_osd_map() (CVE-2025-68285)

In the Linux kernel, the following vulnerability has been resolved:

usb: storage: Fix memory leak in USB bulk transport (CVE-2025-68288)

In the Linux kernel, the following vulnerability has been resolved:

mm/memfd: fix information leak in hugetlb folios (CVE-2025-68292)

In the Linux kernel, the following vulnerability has been resolved:

mm/huge_memory: fix NULL pointer deference when splitting folio (CVE-2025-68293)

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix memory leak in cifs_construct_tcon() (CVE-2025-68295)

In the Linux kernel, the following vulnerability has been resolved:

drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (CVE-2025-68296)

In the Linux kernel, the following vulnerability has been resolved:

ceph: fix crash in process_v2_sparse_read() for encrypted directories (CVE-2025-68297)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (CVE-2025-68325)

In the Linux kernel, the following vulnerability has been resolved:

tracing: Fix WARN_ON in tracing_buffers_mmap_close for split VMAs (CVE-2025-68329)

In the Linux kernel, the following vulnerability has been resolved:

usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer (CVE-2025-68331)

In the Linux kernel, the following vulnerability has been resolved:

jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (CVE-2025-68337)

In the Linux kernel, the following vulnerability has been resolved:

team: Move team device type change at the end of team_port_add (CVE-2025-68340)

In the Linux kernel, the following vulnerability has been resolved:

veth: reduce XDP no_direct return section to fix race (CVE-2025-68341)

In the Linux kernel, the following vulnerability has been resolved:

block: fix memory leak in __blkdev_issue_zero_pages (CVE-2025-68348)

In the Linux kernel, the following vulnerability has been resolved:

NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (CVE-2025-68349)

In the Linux kernel, the following vulnerability has been resolved:

erofs: limit the level of fs stacking for file-backed mounts (CVE-2025-68361)

In the Linux kernel, the following vulnerability has been resolved:

bpf: Check skb->transport_header is set in bpf_skb_check_mtu (CVE-2025-68363)

In the Linux kernel, the following vulnerability has been resolved:

nbd: defer config unlock in nbd_genl_connect (CVE-2025-68366)

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: init run lock for extend inode (CVE-2025-68369)

In the Linux kernel, the following vulnerability has been resolved:

scsi: smartpqi: Fix device resources accessed after device removal (CVE-2025-68371)

In the Linux kernel, the following vulnerability has been resolved:

nbd: defer config put in recv_work (CVE-2025-68372)

In the Linux kernel, the following vulnerability has been resolved:

md: fix rcu protection in md_wakeup_thread (CVE-2025-68374)

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix stackmap overflow check in __bpf_get_stackid() (CVE-2025-68378)

In the Linux kernel, the following vulnerability has been resolved:

crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CVE-2025-68724)

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: Fix uninit buffer allocated by __getname() (CVE-2025-68727)

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: fix uninit memory after failed mi_read in mi_format_new (CVE-2025-68728)

In the Linux kernel, the following vulnerability has been resolved:

ima: Handle error code returned by ima_filter_rule_match() (CVE-2025-68740)

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix invalid prog->stats access when update_effective_progs fails (CVE-2025-68742)

In the Linux kernel, the following vulnerability has been resolved:

bpf: Free special fields when update [lru_,]percpu_hash maps (CVE-2025-68744)

In the Linux kernel, the following vulnerability has been resolved:

spi: tegra210-quad: Fix timeout handling (CVE-2025-68746)

In the Linux kernel, the following vulnerability has been resolved:

block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock (CVE-2025-68756)

In the Linux kernel, the following vulnerability has been resolved:

NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (CVE-2025-68764)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'dnf update kernel6.12 --releasever 2023.10.20260216' or or 'dnf update --advisory ALAS2023-2026-1430 --releasever 2023.10.20260216' to update your system.

Plugin Details

Severity: Medium

ID: 299530

File Name: al2023_ALAS2023-2026-1430.nasl

Version: 1.1

Type: local

Agent: unix

Family: Amazon Linux Local Security Checks

Published: 2/19/2026

Updated: 2/19/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2025-38678

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:python3-perf6.12, p-cpe:/a:amazon:linux:kernel6.12-libbpf, p-cpe:/a:amazon:linux:kernel6.12, p-cpe:/a:amazon:linux:kernel6.12-libbpf-static, p-cpe:/a:amazon:linux:kernel6.12-tools-devel, p-cpe:/a:amazon:linux:kernel6.12-libbpf-debuginfo, p-cpe:/a:amazon:linux:kernel6.12-headers, p-cpe:/a:amazon:linux:kernel6.12-modules-extra, p-cpe:/a:amazon:linux:kernel6.12-debuginfo, p-cpe:/a:amazon:linux:kernel-livepatch-6.12.63-84.121, p-cpe:/a:amazon:linux:bpftool6.12-debuginfo, p-cpe:/a:amazon:linux:bpftool6.12, p-cpe:/a:amazon:linux:kernel6.12-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:perf6.12, p-cpe:/a:amazon:linux:perf6.12-debuginfo, p-cpe:/a:amazon:linux:kernel6.12-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel6.12-modules-extra-common, cpe:/o:amazon:linux:2023, p-cpe:/a:amazon:linux:kernel6.12-devel, p-cpe:/a:amazon:linux:kernel6.12-tools-debuginfo, p-cpe:/a:amazon:linux:python3-perf6.12-debuginfo, p-cpe:/a:amazon:linux:kernel6.12-libbpf-devel, p-cpe:/a:amazon:linux:kernel6.12-tools

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/18/2026

Vulnerability Publication Date: 9/3/2025

Reference Information

CVE: CVE-2025-38678, CVE-2025-40075, CVE-2025-40212, CVE-2025-40214, CVE-2025-40215, CVE-2025-40248, CVE-2025-40250, CVE-2025-40251, CVE-2025-40254, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40266, CVE-2025-40268, CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40274, CVE-2025-40277, CVE-2025-40279, CVE-2025-40281, CVE-2025-40287, CVE-2025-68198, CVE-2025-68199, CVE-2025-68200, CVE-2025-68202, CVE-2025-68208, CVE-2025-68210, CVE-2025-68214, CVE-2025-68219, CVE-2025-68226, CVE-2025-68227, CVE-2025-68229, CVE-2025-68231, CVE-2025-68237, CVE-2025-68241, CVE-2025-68242, CVE-2025-68244, CVE-2025-68259, CVE-2025-68261, CVE-2025-68264, CVE-2025-68265, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68288, CVE-2025-68292, CVE-2025-68293, CVE-2025-68295, CVE-2025-68296, CVE-2025-68297, CVE-2025-68325, CVE-2025-68329, CVE-2025-68331, CVE-2025-68337, CVE-2025-68340, CVE-2025-68341, CVE-2025-68348, CVE-2025-68349, CVE-2025-68361, CVE-2025-68363, CVE-2025-68366, CVE-2025-68369, CVE-2025-68371, CVE-2025-68372, CVE-2025-68374, CVE-2025-68378, CVE-2025-68724, CVE-2025-68727, CVE-2025-68728, CVE-2025-68740, CVE-2025-68742, CVE-2025-68744, CVE-2025-68746, CVE-2025-68756, CVE-2025-68764

Detections

Analytics

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1430)

medium Nessus Plugin ID 299530

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

VPR

CVSS v2

CVSS v3

Vulnerability Information

Reference Information