Detections
Analytics

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-098 (ALASKERNEL-5.15-2026-098)

high Nessus Plugin ID 301269

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of kernel installed on the remote host is prior to 5.15.201-140.219. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2026-098 advisory.

 In the Linux kernel, the following vulnerability has been resolved:

 page_pool: Fix use-after-free in page_pool_recycle_in_ring (CVE-2025-38129)

 In the Linux kernel, the following vulnerability has been resolved:

 HID: core: Harden s32ton() against conversion to 0 bits (CVE-2025-38556)

 In the Linux kernel, the following vulnerability has been resolved:

 xfrm: delete x->tunnel as we delete x (CVE-2025-40215)

 In the Linux kernel, the following vulnerability has been resolved:

 ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (CVE-2025-68261)

 In the Linux kernel, the following vulnerability has been resolved:

 ext4: refresh inline data size before write operations (CVE-2025-68264)

 In the Linux kernel, the following vulnerability has been resolved:

 net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (CVE-2025-68325)

 In the Linux kernel, the following vulnerability has been resolved:

 jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (CVE-2025-68337)

 In the Linux kernel, the following vulnerability has been resolved:

 NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (CVE-2025-68349)

 In the Linux kernel, the following vulnerability has been resolved:

 nbd: defer config unlock in nbd_genl_connect (CVE-2025-68366)

 In the Linux kernel, the following vulnerability has been resolved:

 nbd: defer config put in recv_work (CVE-2025-68372)

 In the Linux kernel, the following vulnerability has been resolved:

 crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CVE-2025-68724)

 In the Linux kernel, the following vulnerability has been resolved:

 ntfs3: Fix uninit buffer allocated by __getname() (CVE-2025-68727)

 In the Linux kernel, the following vulnerability has been resolved:

 ntfs3: fix uninit memory after failed mi_read in mi_format_new (CVE-2025-68728)

 In the Linux kernel, the following vulnerability has been resolved:

 ima: Handle error code returned by ima_filter_rule_match() (CVE-2025-68740)

 In the Linux kernel, the following vulnerability has been resolved:

 NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (CVE-2025-68764)

 In the Linux kernel, the following vulnerability has been resolved:

 sched/deadline: only set free_cpus for online runqueues (CVE-2025-68780)

 In the Linux kernel, the following vulnerability has been resolved:

 scsi: target: Reset t_task_cdb pointer in error case (CVE-2025-68782)

 In the Linux kernel, the following vulnerability has been resolved:

 net: openvswitch: fix middle attribute validation in push_nsh() action (CVE-2025-68785)

 In the Linux kernel, the following vulnerability has been resolved:

 fsnotify: do not generate ACCESS/MODIFY events on child for special files (CVE-2025-68788)

 In the Linux kernel, the following vulnerability has been resolved:

 ethtool: Avoid overflowing userspace buffer on stats query (CVE-2025-68795)

 In the Linux kernel, the following vulnerability has been resolved:

 NFSD: NFSv4 file creation neglects setting ACL (CVE-2025-68803)

 In the Linux kernel, the following vulnerability has been resolved:

 ipvs: fix ipv4 null-ptr-deref in route error path (CVE-2025-68813)

 In the Linux kernel, the following vulnerability has been resolved:

 io_uring: fix filename leak in __io_openat_prep() (CVE-2025-68814)

 In the Linux kernel, the following vulnerability has been resolved:

 net/mlx5: fw_tracer, Validate format string parameters (CVE-2025-68816)

 In the Linux kernel, the following vulnerability has been resolved:

 ext4: xattr: fix null pointer deref in ext4_raw_inode() (CVE-2025-68820)

 In the Linux kernel, the following vulnerability has been resolved:

 fuse: fix readahead reclaim deadlock (CVE-2025-68821)

 In the Linux kernel, the following vulnerability has been resolved:

 tpm: Cap the number of PCR banks (CVE-2025-71077)

 In the Linux kernel, the following vulnerability has been resolved:

 drm/ttm: Avoid NULL pointer deref for evicted BOs (CVE-2025-71083)

 In the Linux kernel, the following vulnerability has been resolved:

 RDMA/cm: Fix leaking the multicast GID table reference (CVE-2025-71084)

 In the Linux kernel, the following vulnerability has been resolved:

 ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085)

 In the Linux kernel, the following vulnerability has been resolved:

 team: fix check for port enabled in team_queue_override_port_prio_changed() (CVE-2025-71091)

 In the Linux kernel, the following vulnerability has been resolved:

 e1000: fix OOB in e1000_tbi_should_accept() (CVE-2025-71093)

 In the Linux kernel, the following vulnerability has been resolved:

 RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (CVE-2025-71096)

 In the Linux kernel, the following vulnerability has been resolved:

 ipv4: Fix reference count leak when using error routes with nexthop objects (CVE-2025-71097)

 In the Linux kernel, the following vulnerability has been resolved:

 ip6_gre: make ip6gre_header() robust (CVE-2025-71098)

 In the Linux kernel, the following vulnerability has been resolved:

 KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (CVE-2025-71104)

 In the Linux kernel, the following vulnerability has been resolved:

 crypto: af_alg - zero initialize memory allocated via sock_kmalloc (CVE-2025-71113)

 In the Linux kernel, the following vulnerability has been resolved:

 libceph: make decode_pool() more resilient against corrupted osdmaps (CVE-2025-71116)

 In the Linux kernel, the following vulnerability has been resolved:

 ACPICA: Avoid walking the Namespace if start_node is NULL (CVE-2025-71118)

 In the Linux kernel, the following vulnerability has been resolved:

 SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (CVE-2025-71120)

 In the Linux kernel, the following vulnerability has been resolved:

 tracing: Do not register unsupported perf events (CVE-2025-71125)

 In the Linux kernel, the following vulnerability has been resolved:

 crypto: seqiv - Do not use req->iv after crypto_aead_encrypt (CVE-2025-71131)

 In the Linux kernel, the following vulnerability has been resolved:

 KEYS: trusted: Fix a memory leak in tpm2_load_cmd (CVE-2025-71147)

 In the Linux kernel, the following vulnerability has been resolved:

 net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (CVE-2026-22976)

 In the Linux kernel, the following vulnerability has been resolved:

 net: sock: fix hardened usercopy panic in sock_recv_errqueue (CVE-2026-22977)

 In the Linux kernel, the following vulnerability has been resolved:

 nfsd: provide locking for v4_end_grace (CVE-2026-22980)

 In the Linux kernel, the following vulnerability has been resolved:

 libceph: prevent potential out-of-bounds reads in handle_auth_done() (CVE-2026-22984)

 In the Linux kernel, the following vulnerability has been resolved:

 libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (CVE-2026-22990)

 In the Linux kernel, the following vulnerability has been resolved:

 libceph: make free_choose_arg_map() resilient to partial allocation (CVE-2026-22991)

 In the Linux kernel, the following vulnerability has been resolved:

 libceph: return the handler error from mon_handle_auth_done() (CVE-2026-22992)

 In the Linux kernel, the following vulnerability has been resolved:

 libceph: make calc_target() set t->paused, not just clear it (CVE-2026-23047)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update kernel' or or 'yum update --advisory ALAS2KERNEL-5.15-2026-098' to update your system.

See Also

https://alas.aws.amazon.com//AL2/ALAS2KERNEL-5.15-2026-098.html

https://alas.aws.amazon.com/faqs.html

https://explore.alas.aws.amazon.com/CVE-2025-38129.html

https://explore.alas.aws.amazon.com/CVE-2025-38556.html

https://explore.alas.aws.amazon.com/CVE-2025-40215.html

https://explore.alas.aws.amazon.com/CVE-2025-68261.html

https://explore.alas.aws.amazon.com/CVE-2025-68264.html

https://explore.alas.aws.amazon.com/CVE-2025-68325.html

https://explore.alas.aws.amazon.com/CVE-2025-68337.html

https://explore.alas.aws.amazon.com/CVE-2025-68349.html

https://explore.alas.aws.amazon.com/CVE-2025-68366.html

https://explore.alas.aws.amazon.com/CVE-2025-68372.html

https://explore.alas.aws.amazon.com/CVE-2025-68724.html

https://explore.alas.aws.amazon.com/CVE-2025-68727.html

https://explore.alas.aws.amazon.com/CVE-2025-68728.html

https://explore.alas.aws.amazon.com/CVE-2025-68740.html

https://explore.alas.aws.amazon.com/CVE-2025-68764.html

https://explore.alas.aws.amazon.com/CVE-2025-68780.html

https://explore.alas.aws.amazon.com/CVE-2025-68782.html

https://explore.alas.aws.amazon.com/CVE-2025-68785.html

https://explore.alas.aws.amazon.com/CVE-2025-68788.html

https://explore.alas.aws.amazon.com/CVE-2025-68795.html

https://explore.alas.aws.amazon.com/CVE-2025-68803.html

https://explore.alas.aws.amazon.com/CVE-2025-68813.html

https://explore.alas.aws.amazon.com/CVE-2025-68814.html

https://explore.alas.aws.amazon.com/CVE-2025-68816.html

https://explore.alas.aws.amazon.com/CVE-2025-68820.html

https://explore.alas.aws.amazon.com/CVE-2025-68821.html

https://explore.alas.aws.amazon.com/CVE-2025-71077.html

https://explore.alas.aws.amazon.com/CVE-2025-71083.html

https://explore.alas.aws.amazon.com/CVE-2025-71084.html

https://explore.alas.aws.amazon.com/CVE-2025-71085.html

https://explore.alas.aws.amazon.com/CVE-2025-71091.html

https://explore.alas.aws.amazon.com/CVE-2025-71093.html

https://explore.alas.aws.amazon.com/CVE-2025-71096.html

https://explore.alas.aws.amazon.com/CVE-2025-71097.html

https://explore.alas.aws.amazon.com/CVE-2025-71098.html

https://explore.alas.aws.amazon.com/CVE-2025-71104.html

https://explore.alas.aws.amazon.com/CVE-2025-71113.html

https://explore.alas.aws.amazon.com/CVE-2025-71116.html

https://explore.alas.aws.amazon.com/CVE-2025-71118.html

https://explore.alas.aws.amazon.com/CVE-2025-71120.html

https://explore.alas.aws.amazon.com/CVE-2025-71125.html

https://explore.alas.aws.amazon.com/CVE-2025-71131.html

https://explore.alas.aws.amazon.com/CVE-2025-71147.html

https://explore.alas.aws.amazon.com/CVE-2026-22976.html

https://explore.alas.aws.amazon.com/CVE-2026-22977.html

https://explore.alas.aws.amazon.com/CVE-2026-22980.html

https://explore.alas.aws.amazon.com/CVE-2026-22984.html

https://explore.alas.aws.amazon.com/CVE-2026-22990.html

https://explore.alas.aws.amazon.com/CVE-2026-22991.html

https://explore.alas.aws.amazon.com/CVE-2026-22992.html

https://explore.alas.aws.amazon.com/CVE-2026-23047.html

Plugin Details

Severity: High

ID: 301269

File Name: al2_ALASKERNEL-5_15-2026-098.nasl

Version: 1.1

Type: local

Agent: unix

Published: 3/6/2026

Updated: 3/6/2026

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2026-22980

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:python-perf-debuginfo, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-headers, cpe:/o:amazon:linux:2, p-cpe:/a:amazon:linux:kernel-livepatch-5.15.201-140.219, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:python-perf

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/6/2026

Vulnerability Publication Date: 2/12/2025

Reference Information

CVE: CVE-2025-38129, CVE-2025-38556, CVE-2025-40215, CVE-2025-68261, CVE-2025-68264, CVE-2025-68325, CVE-2025-68337, CVE-2025-68349, CVE-2025-68366, CVE-2025-68372, CVE-2025-68724, CVE-2025-68727, CVE-2025-68728, CVE-2025-68740, CVE-2025-68764, CVE-2025-68780, CVE-2025-68782, CVE-2025-68785, CVE-2025-68788, CVE-2025-68795, CVE-2025-68803, CVE-2025-68813, CVE-2025-68814, CVE-2025-68816, CVE-2025-68820, CVE-2025-68821, CVE-2025-71077, CVE-2025-71083, CVE-2025-71084, CVE-2025-71085, CVE-2025-71091, CVE-2025-71093, CVE-2025-71096, CVE-2025-71097, CVE-2025-71098, CVE-2025-71104, CVE-2025-71113, CVE-2025-71116, CVE-2025-71118, CVE-2025-71120, CVE-2025-71125, CVE-2025-71131, CVE-2025-71147, CVE-2026-22976, CVE-2026-22977, CVE-2026-22980, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991, CVE-2026-22992, CVE-2026-23047