Detections
Analytics

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1455)

medium Nessus Plugin ID 301337

Synopsis

The remote Amazon Linux 2023 host is missing a security update.

Description

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1455 advisory.

 In the Linux kernel, the following vulnerability has been resolved:

 bpf: Reject narrower access to pointer ctx fields (CVE-2025-38591)

 In the Linux kernel, the following vulnerability has been resolved:

 sched_ext: Fix possible deadlock in the deferred_irq_workfn() (CVE-2025-68333)

 In the Linux kernel, the following vulnerability has been resolved:

 exfat: fix refcount leak in exfat_find (CVE-2025-68351)

 In the Linux kernel, the following vulnerability has been resolved:

 btrfs: fix racy bitfield write in btrfs_clear_space_info_full() (CVE-2025-68358)

 In the Linux kernel, the following vulnerability has been resolved:

 fs/ntfs3: Initialize allocated memory before use (CVE-2025-68365)

 In the Linux kernel, the following vulnerability has been resolved:

 bpf: Do not let BPF test infra emit invalid GSO types to stack (CVE-2025-68725)

 In the Linux kernel, the following vulnerability has been resolved:

 btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (CVE-2025-71194)

 In the Linux kernel, the following vulnerability has been resolved:

 net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv (CVE-2026-22996)

 In the Linux kernel, the following vulnerability has been resolved:

 net/sched: sch_qfq: do not free existing class in qfq_change_class() (CVE-2026-22999)

 In the Linux kernel, the following vulnerability has been resolved:

 net/mlx5e: Fix crash on profile change rollback failure (CVE-2026-23000)

 In the Linux kernel, the following vulnerability has been resolved:

 macvlan: fix possible UAF in macvlan_forward_source() (CVE-2026-23001)

 In the Linux kernel, the following vulnerability has been resolved:

 lib/buildid: use __kernel_read() for sleepable context (CVE-2026-23002)

 In the Linux kernel, the following vulnerability has been resolved:

 ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() (CVE-2026-23003)

 In the Linux kernel, the following vulnerability has been resolved:

 x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 (CVE-2026-23005)

 In the Linux kernel, the following vulnerability has been resolved:

 ipv6: Fix use-after-free in inet6_addr_del(). (CVE-2026-23010)

 In the Linux kernel, the following vulnerability has been resolved:

 ipv4: ip_gre: make ipgre_header() robust (CVE-2026-23011)

 In the Linux kernel, the following vulnerability has been resolved:

 mm/page_alloc: prevent pcp corruption with SMP=n (CVE-2026-23025)

 In the Linux kernel, the following vulnerability has been resolved:

 null_blk: fix kmemleak by releasing references to fault configfs items (CVE-2026-23032)

 In the Linux kernel, the following vulnerability has been resolved:

 net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (CVE-2026-23035)

 In the Linux kernel, the following vulnerability has been resolved:

 pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() (CVE-2026-23038)

 In the Linux kernel, the following vulnerability has been resolved:

 pNFS: Fix a deadlock when returning a delegation during open() (CVE-2026-23050)

 In the Linux kernel, the following vulnerability has been resolved:

 NFS: Fix a deadlock involving nfs_release_folio() (CVE-2026-23053)

 In the Linux kernel, the following vulnerability has been resolved:

 net: hv_netvsc: reject RSS hash key programming without RX indirection table (CVE-2026-23054)

 In the Linux kernel, the following vulnerability has been resolved:

 vsock/virtio: Coalesce only linear skb (CVE-2026-23057)

 In the Linux kernel, the following vulnerability has been resolved:

 crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (CVE-2026-23060)

 In the Linux kernel, the following vulnerability has been resolved:

 vsock/virtio: fix potential underflow in virtio_transport_get_credit() (CVE-2026-23069)

 In the Linux kernel, the following vulnerability has been resolved:

 regmap: Fix race condition in hwspinlock irqsave routine (CVE-2026-23071)

 In the Linux kernel, the following vulnerability has been resolved:

 net/sched: Enforce that teql can only be used as root qdisc (CVE-2026-23074)

 In the Linux kernel, the following vulnerability has been resolved:

 fou: Don't allow 0 for FOU_ATTR_IPPROTO. (CVE-2026-23083)

 In the Linux kernel, the following vulnerability has been resolved:

 irqchip/gic-v3-its: Avoid truncating memory addresses (CVE-2026-23085)

 In the Linux kernel, the following vulnerability has been resolved:

 vsock/virtio: cap TX credit to local buffer size (CVE-2026-23086)

 In the Linux kernel, the following vulnerability has been resolved:

 gue: Fix skb memleak with inner IP protocol 0. (CVE-2026-23095)

 In the Linux kernel, the following vulnerability has been resolved:

 migrate: correct lock ordering for hugetlb file folios (CVE-2026-23097)

 In the Linux kernel, the following vulnerability has been resolved:

 bonding: limit BOND_MODE_8023AD to Ethernet devices (CVE-2026-23099)

 In the Linux kernel, the following vulnerability has been resolved:

 ipvlan: Make the addrs_lock be per port (CVE-2026-23103)

 In the Linux kernel, the following vulnerability has been resolved:

 net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (CVE-2026-23105)

 In the Linux kernel, the following vulnerability has been resolved:

 arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (CVE-2026-23107)

 In the Linux kernel, the following vulnerability has been resolved:

 scsi: core: Wake up the error handler when final completions race against each other (CVE-2026-23110)

 In the Linux kernel, the following vulnerability has been resolved:

 io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (CVE-2026-23113)

 In the Linux kernel, the following vulnerability has been resolved:

 bonding: provide a net pointer to __skb_flow_dissect() (CVE-2026-23119)

 In the Linux kernel, the following vulnerability has been resolved:

 ipv6: annotate data-race in ndisc_router_discovery() (CVE-2026-23124)

 In the Linux kernel, the following vulnerability has been resolved:

 sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT (CVE-2026-23125)

 In the Linux kernel, the following vulnerability has been resolved:

 netdevsim: fix a race issue related to the operation on bpf_bound_progs list (CVE-2026-23126)

 In the Linux kernel, the following vulnerability has been resolved:

 arm64: Set __nocfi on swsusp_arch_resume() (CVE-2026-23128)

 In the Linux kernel, the following vulnerability has been resolved:

 btrfs: send: check for inline extents in range_is_hole_in_parent() (CVE-2026-23141)

 In the Linux kernel, the following vulnerability has been resolved:

 mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure (CVE-2026-23142)

 In the Linux kernel, the following vulnerability has been resolved:

 mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure (CVE-2026-23144)

 In the Linux kernel, the following vulnerability has been resolved:

 ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (CVE-2026-23145)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'dnf update kernel6.12 --releasever 2023.10.20260302' or or 'dnf update --advisory ALAS2023-2026-1455 --releasever 2023.10.20260302' to update your system.

See Also

https://alas.aws.amazon.com/faqs.html

https://explore.alas.aws.amazon.com/CVE-2025-38591.html

https://explore.alas.aws.amazon.com/CVE-2025-68333.html

https://explore.alas.aws.amazon.com/CVE-2025-68351.html

https://explore.alas.aws.amazon.com/CVE-2025-68358.html

https://explore.alas.aws.amazon.com/CVE-2025-68365.html

https://explore.alas.aws.amazon.com/CVE-2025-68725.html

https://explore.alas.aws.amazon.com/CVE-2025-71194.html

https://explore.alas.aws.amazon.com/CVE-2026-22996.html

https://explore.alas.aws.amazon.com/CVE-2026-22999.html

https://explore.alas.aws.amazon.com/CVE-2026-23000.html

https://explore.alas.aws.amazon.com/CVE-2026-23001.html

https://explore.alas.aws.amazon.com/CVE-2026-23002.html

https://explore.alas.aws.amazon.com/CVE-2026-23003.html

https://explore.alas.aws.amazon.com/CVE-2026-23005.html

https://explore.alas.aws.amazon.com/CVE-2026-23010.html

https://explore.alas.aws.amazon.com/CVE-2026-23011.html

https://explore.alas.aws.amazon.com/CVE-2026-23025.html

https://explore.alas.aws.amazon.com/CVE-2026-23032.html

https://explore.alas.aws.amazon.com/CVE-2026-23035.html

https://explore.alas.aws.amazon.com/CVE-2026-23038.html

https://explore.alas.aws.amazon.com/CVE-2026-23050.html

https://explore.alas.aws.amazon.com/CVE-2026-23053.html

https://explore.alas.aws.amazon.com/CVE-2026-23054.html

https://explore.alas.aws.amazon.com/CVE-2026-23057.html

https://explore.alas.aws.amazon.com/CVE-2026-23060.html

https://explore.alas.aws.amazon.com/CVE-2026-23069.html

https://explore.alas.aws.amazon.com/CVE-2026-23071.html

https://explore.alas.aws.amazon.com/CVE-2026-23074.html

https://explore.alas.aws.amazon.com/CVE-2026-23083.html

https://explore.alas.aws.amazon.com/CVE-2026-23085.html

https://explore.alas.aws.amazon.com/CVE-2026-23086.html

https://explore.alas.aws.amazon.com/CVE-2026-23095.html

https://explore.alas.aws.amazon.com/CVE-2026-23097.html

https://explore.alas.aws.amazon.com/CVE-2026-23099.html

https://explore.alas.aws.amazon.com/CVE-2026-23103.html

https://explore.alas.aws.amazon.com/CVE-2026-23105.html

https://explore.alas.aws.amazon.com/CVE-2026-23107.html

https://explore.alas.aws.amazon.com/CVE-2026-23110.html

https://explore.alas.aws.amazon.com/CVE-2026-23113.html

https://explore.alas.aws.amazon.com/CVE-2026-23119.html

https://explore.alas.aws.amazon.com/CVE-2026-23124.html

https://explore.alas.aws.amazon.com/CVE-2026-23125.html

https://explore.alas.aws.amazon.com/CVE-2026-23126.html

https://explore.alas.aws.amazon.com/CVE-2026-23128.html

https://explore.alas.aws.amazon.com/CVE-2026-23141.html

https://explore.alas.aws.amazon.com/CVE-2026-23142.html

https://explore.alas.aws.amazon.com/CVE-2026-23144.html

https://explore.alas.aws.amazon.com/CVE-2026-23145.html

https://alas.aws.amazon.com//AL2023/ALAS2023-2026-1455.html

Plugin Details

Severity: Medium

ID: 301337

File Name: al2023_ALAS2023-2026-1455.nasl

Version: 1.1

Type: local

Agent: unix

Published: 3/6/2026

Updated: 3/6/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2026-23000

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:python3-perf6.12, p-cpe:/a:amazon:linux:kernel6.12-libbpf, p-cpe:/a:amazon:linux:kernel6.12, p-cpe:/a:amazon:linux:kernel6.12-libbpf-static, p-cpe:/a:amazon:linux:kernel6.12-tools-devel, p-cpe:/a:amazon:linux:kernel6.12-libbpf-debuginfo, p-cpe:/a:amazon:linux:kernel6.12-headers, p-cpe:/a:amazon:linux:kernel6.12-modules-extra, p-cpe:/a:amazon:linux:kernel6.12-debuginfo, p-cpe:/a:amazon:linux:bpftool6.12-debuginfo, p-cpe:/a:amazon:linux:bpftool6.12, p-cpe:/a:amazon:linux:kernel6.12-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:perf6.12, p-cpe:/a:amazon:linux:perf6.12-debuginfo, p-cpe:/a:amazon:linux:kernel6.12-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel6.12-modules-extra-common, cpe:/o:amazon:linux:2023, p-cpe:/a:amazon:linux:kernel6.12-devel, p-cpe:/a:amazon:linux:kernel6.12-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-livepatch-6.12.68-92.122, p-cpe:/a:amazon:linux:python3-perf6.12-debuginfo, p-cpe:/a:amazon:linux:kernel6.12-libbpf-devel, p-cpe:/a:amazon:linux:kernel6.12-tools

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/5/2026

Vulnerability Publication Date: 8/19/2025

Reference Information

CVE: CVE-2025-38591, CVE-2025-68333, CVE-2025-68351, CVE-2025-68358, CVE-2025-68365, CVE-2025-68725, CVE-2025-71194, CVE-2026-22996, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001, CVE-2026-23002, CVE-2026-23003, CVE-2026-23005, CVE-2026-23010, CVE-2026-23011, CVE-2026-23025, CVE-2026-23032, CVE-2026-23035, CVE-2026-23038, CVE-2026-23050, CVE-2026-23053, CVE-2026-23054, CVE-2026-23057, CVE-2026-23060, CVE-2026-23069, CVE-2026-23071, CVE-2026-23074, CVE-2026-23083, CVE-2026-23085, CVE-2026-23086, CVE-2026-23095, CVE-2026-23097, CVE-2026-23099, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107, CVE-2026-23110, CVE-2026-23113, CVE-2026-23119, CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128, CVE-2026-23141, CVE-2026-23142, CVE-2026-23144, CVE-2026-23145