Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-123 (ALASKERNEL-5.10-2026-123)

high Nessus Plugin ID 321988

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of kernel installed on the remote host is prior to 5.10.258-257.1041. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-123 advisory.

In the Linux kernel, the following vulnerability has been resolved:

IB/mad: Don't call to function that might sleep while in atomic context (CVE-2022-50472)

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Fix crash when I/O abort times out (CVE-2022-50493)

In the Linux kernel, the following vulnerability has been resolved:

blk-mq: use quiesced elevator switch when reinitializing queues (CVE-2022-50552)

In the Linux kernel, the following vulnerability has been resolved:

mm: fix zswap writeback race condition (CVE-2023-53178)

In the Linux kernel, the following vulnerability has been resolved:

blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() (CVE-2023-53421)

In the Linux kernel, the following vulnerability has been resolved:

page_pool: Fix use-after-free in page_pool_recycle_in_ring (CVE-2025-38129)

In the Linux kernel, the following vulnerability has been resolved:

gfs2: Validate i_depth for exhash directories (CVE-2025-38710)

In the Linux kernel, the following vulnerability has been resolved:

mm/damon/sysfs: fix use-after-free in state_show() (CVE-2025-39877)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: unconditionally bump set->nelems before insertion (CVE-2026-23272)

In the Linux kernel, the following vulnerability has been resolved:

net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (CVE-2026-23340)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: add NULL checks for idev in SRv6 paths (CVE-2026-23442)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: conntrack: add missing netlink policy validations (CVE-2026-31407)

In the Linux kernel, the following vulnerability has been resolved:

net: bonding: fix use-after-free in bond_xmit_broadcast() (CVE-2026-31419)

In the Linux kernel, the following vulnerability has been resolved:

can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532)

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix NULL i_assoc_inode dereference in nilfs_mdt_save_to_shadow_map (CVE-2026-31577)

In the Linux kernel, the following vulnerability has been resolved:

bcache: fix cached_dev.sb_bio use-after-free and crash (CVE-2026-31580)

In the Linux kernel, the following vulnerability has been resolved:

mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (CVE-2026-31586)

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: Use scratch field in MMIO fragment to hold small write values (CVE-2026-31588)

In the Linux kernel, the following vulnerability has been resolved:

KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (CVE-2026-31590)

In the Linux kernel, the following vulnerability has been resolved:

usbip: validate number_of_packets in usbip_pack_ret_submit() (CVE-2026-31607)

In the Linux kernel, the following vulnerability has been resolved:

HID: core: clamp report_size in s32ton() to avoid undefined shift (CVE-2026-31624)

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: fix reference count leak in rxrpc_server_keyring() (CVE-2026-31634)

In the Linux kernel, the following vulnerability has been resolved:

drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (CVE-2026-31656)

In the Linux kernel, the following vulnerability has been resolved:

xfrm: hold dev ref until after transport_finish NF_HOOK (CVE-2026-31663)

In the Linux kernel, the following vulnerability has been resolved:

xfrm: clear trailing padding in build_polexpire() (CVE-2026-31664)

In the Linux kernel, the following vulnerability has been resolved:

af_unix: read UNIX_DIAG_VFS data under unix_state_lock (CVE-2026-31673)

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: only handle RESPONSE during service challenge (CVE-2026-31676)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: xt_multiport: validate range encoding in checkentry (CVE-2026-31681)

In the Linux kernel, the following vulnerability has been resolved:

net: sched: act_csum: validate nested VLAN headers (CVE-2026-31684)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ip6t_eui64: reject invalid MAC header for all packets (CVE-2026-31685)

In the Linux kernel, the following vulnerability has been resolved:

rtnetlink: add missing netlink_ns_capable() check for peer netns (CVE-2026-31692)

In the Linux kernel, the following vulnerability has been resolved:

net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (CVE-2026-31700)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator (CVE-2026-43085)

In the Linux kernel, the following vulnerability has been resolved:

xfrm_user: fix info leak in build_mapping() (CVE-2026-43089)

In the Linux kernel, the following vulnerability has been resolved:

xsk: tighten UMEM headroom validation to account for tailroom and min frame (CVE-2026-43093)

In the Linux kernel, the following vulnerability has been resolved:

HID: roccat: fix use-after-free in roccat_report_event (CVE-2026-43111)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry (CVE-2026-43114)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ctnetlink: ensure safe access to master conntrack (CVE-2026-43116)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (CVE-2026-43117)

In the Linux kernel, the following vulnerability has been resolved:

mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate() (CVE-2026-43281)

In the Linux kernel, the following vulnerability has been resolved:

crypto: pcrypt - Fix handling of MAY_BACKLOG requests (CVE-2026-43493)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked (CVE-2026-43496)

In the Linux kernel, the following vulnerability has been resolved:

net/rds: handle zerocopy send cleanup before the message is queued (CVE-2026-43502)

In the Linux kernel, the following vulnerability has been resolved:

bpf: fix end-of-list detection in cgroup_storage_get_next_key() (CVE-2026-45838)

In the Linux kernel, the following vulnerability has been resolved:

openvswitch: cap upcall PID array size and pre-size vport replies (CVE-2026-45840)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (CVE-2026-45841)

In the Linux kernel, the following vulnerability has been resolved:

slip: reject VJ receive packets on instances with no rstate array (CVE-2026-45842)

In the Linux kernel, the following vulnerability has been resolved:

slip: bound decode() reads against the compressed packet length (CVE-2026-45843)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: arp_tables: fix IEEE1394 ARP payload parsing (CVE-2026-45844)

In the Linux kernel, the following vulnerability has been resolved:

KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 (CVE-2026-45987)

In the Linux kernel, the following vulnerability has been resolved:

ext2: reject inodes with zero i_nlink and valid mode in ext2_iget() (CVE-2026-46002)

In the Linux kernel, the following vulnerability has been resolved:

dm mirror: fix integer overflow in create_dirty_log() (CVE-2026-46023)

In the Linux kernel, the following vulnerability has been resolved:

crypto: authencesn - reject short ahash digests during instance creation (CVE-2026-46033)

In the Linux kernel, the following vulnerability has been resolved:

inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails (CVE-2026-46040)

In the Linux kernel, the following vulnerability has been resolved:

RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (CVE-2026-46043)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all() (CVE-2026-46046)

In the Linux kernel, the following vulnerability has been resolved:

md/raid5: fix soft lockup in retry_aligned_read() (CVE-2026-46051)

In the Linux kernel, the following vulnerability has been resolved:

net: rds: fix MR cleanup on copy error (CVE-2026-46053)

In the Linux kernel, the following vulnerability has been resolved:

md/raid5: validate payload size before accessing journal metadata (CVE-2026-46070)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: reject zero shift in nft_bitwise (CVE-2026-46101)

In the Linux kernel, the following vulnerability has been resolved:

net: strparser: fix skb_head leak in strp_abort_strp() (CVE-2026-46102)

In the Linux kernel, the following vulnerability has been resolved:

ipmi:si: Return state to normal if message allocation fails (CVE-2026-46108)

In the Linux kernel, the following vulnerability has been resolved:

usb: ulpi: fix memory leak on ulpi_register() error paths (CVE-2026-46109)

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (CVE-2026-46113)

In the Linux kernel, the following vulnerability has been resolved:

ip6_gre: Use cached t->net in ip6erspan_changelink(). (CVE-2026-46120)

In the Linux kernel, the following vulnerability has been resolved:

isofs: validate block number from NFS file handle in isofs_export_iget (CVE-2026-46124)

In the Linux kernel, the following vulnerability has been resolved:

ipmi: Check event message buffer response for bad data (CVE-2026-46128)

In the Linux kernel, the following vulnerability has been resolved:

net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo (CVE-2026-46132)

In the Linux kernel, the following vulnerability has been resolved:

RDMA/rxe: Reject unknown opcodes before ICRC processing (CVE-2026-46133)

In the Linux kernel, the following vulnerability has been resolved:

scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show() (CVE-2026-46149)

In the Linux kernel, the following vulnerability has been resolved:

fanotify: fix false positive on permission events (CVE-2026-46150)

In the Linux kernel, the following vulnerability has been resolved:

usb: usblp: fix heap leak in IEEE 1284 device ID via short response (CVE-2026-46151)

In the Linux kernel, the following vulnerability has been resolved:

md/raid10: fix divide-by-zero in setup_geo() with zero far_copies (CVE-2026-46161)

In the Linux kernel, the following vulnerability has been resolved:

usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (CVE-2026-46167)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (CVE-2026-46172)

In the Linux kernel, the following vulnerability has been resolved:

ipmi: Add limits to event and receive message requests (CVE-2026-46177)

In the Linux kernel, the following vulnerability has been resolved:

RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq() (CVE-2026-46178)

In the Linux kernel, the following vulnerability has been resolved:

drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (CVE-2026-46209)

In the Linux kernel, the following vulnerability has been resolved:

vsock/virtio: fix accept queue count leak on transport mismatch (CVE-2026-46214)

In the Linux kernel, the following vulnerability has been resolved:

sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CVE-2026-46227)

In the Linux kernel, the following vulnerability has been resolved:

vsock: fix buffer size clamping order (CVE-2026-46234)

In the Linux kernel, the following vulnerability has been resolved:

io-wq: check that the predecessor is hashed in io_wq_remove_pending() (CVE-2026-46274)

In the Linux kernel, the following vulnerability has been resolved:

dm: fix a buffer overflow in ioctl processing (CVE-2026-46294)

In the Linux kernel, the following vulnerability has been resolved:

nvmet: avoid recursive nvmet-wq flush in nvmet_ctrl_free (CVE-2026-46304)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ip6t_hbh: reject oversized option lists (CVE-2026-52915)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: xt_policy: fix strict mode inbound policy matching (CVE-2026-52920)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ipset: stop hash:* range iteration at end (CVE-2026-52921)

In the Linux kernel, the following vulnerability has been resolved:

vrf: Fix a potential NPD when removing a port from a VRF (CVE-2026-52925)

In the Linux kernel, the following vulnerability has been resolved:

libceph: handle rbtree insertion error in decode_choose_args() (CVE-2026-52954)

In the Linux kernel, the following vulnerability has been resolved:

libceph: Fix potential out-of-bounds access in crush_decode() (CVE-2026-52955)

In the Linux kernel, the following vulnerability has been resolved:

libceph: Fix potential null-ptr-deref in decode_choose_args() (CVE-2026-52957)

In the Linux kernel, the following vulnerability has been resolved:

libceph: Fix potential out-of-bounds access in osdmap_decode() (CVE-2026-52958)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_ct: fix missing expect put in obj eval (CVE-2026-52970)

In the Linux kernel, the following vulnerability has been resolved:

crypto: af_alg - Cap AEAD AD length to 0x80000000 (CVE-2026-52972)

In the Linux kernel, the following vulnerability has been resolved:

net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (CVE-2026-52982)

In the Linux kernel, the following vulnerability has been resolved:

netdevsim: zero initialize struct iphdr in dummy sk_buff (CVE-2026-52985)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_conntrack_sip: don't use simple_strtoul (CVE-2026-52986)

In the Linux kernel, the following vulnerability has been resolved:

tipc: fix double-free in tipc_buf_append() (CVE-2026-52993)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_osf: fix potential NULL dereference in ttl check (CVE-2026-52998)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_osf: fix out-of-bounds read on option matching (CVE-2026-52999)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: xtables: restrict several matches to inet family (CVE-2026-53001)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: conntrack: remove sprintf usage (CVE-2026-53002)

In the Linux kernel, the following vulnerability has been resolved:

pppoe: drop PFC frames (CVE-2026-53003)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix possible UAF in icmpv6_rcv() (CVE-2026-53006)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: taprio: fix use-after-free in advance_sched() on schedule switch (CVE-2026-53011)

In the Linux kernel, the following vulnerability has been resolved:

nexthop: fix IPv6 route referencing IPv4 nexthop (CVE-2026-53012)

In the Linux kernel, the following vulnerability has been resolved:

crypto: ccp - copy IV using skcipher ivsize (CVE-2026-53016)

In the Linux kernel, the following vulnerability has been resolved:

scsi: target: core: Fix integer overflow in UNMAP bounds check (CVE-2026-53021)

In the Linux kernel, the following vulnerability has been resolved:

HID: usbhid: fix deadlock in hid_post_reset() (CVE-2026-53037)

In the Linux kernel, the following vulnerability has been resolved:

efi/capsule-loader: fix incorrect sizeof in phys array reallocation (CVE-2026-53047)

In the Linux kernel, the following vulnerability has been resolved:

quota: Fix race of dquot_scan_active() with quota deactivation (CVE-2026-53050)

In the Linux kernel, the following vulnerability has been resolved:

dm log: fix out-of-bounds write due to region_count overflow (CVE-2026-53059)

In the Linux kernel, the following vulnerability has been resolved:

dm cache metadata: fix memory leak on metadata abort retry (CVE-2026-53060)

In the Linux kernel, the following vulnerability has been resolved:

dm cache: fix dirty mapping checking in passthrough mode switching (CVE-2026-53061)

In the Linux kernel, the following vulnerability has been resolved:

bpf: reject short IPv4/IPv6 inputs in bpf_prog_test_run_skb (CVE-2026-53074)

In the Linux kernel, the following vulnerability has been resolved:

ppp: require CAP_NET_ADMIN in target netns for unattached ioctls (CVE-2026-53075)

In the Linux kernel, the following vulnerability has been resolved:

drbd: Balance RCU calls in drbd_adm_dump_devices() (CVE-2026-53128)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update kernel' or or 'yum update --advisory ALAS2KERNEL-5.10-2026-123' to update your system.

See Also

https://alas.aws.amazon.com//AL2/ALAS2KERNEL-5.10-2026-123.html

https://alas.aws.amazon.com/faqs.html

https://explore.alas.aws.amazon.com/CVE-2022-50472.html

https://explore.alas.aws.amazon.com/CVE-2022-50493.html

https://explore.alas.aws.amazon.com/CVE-2022-50552.html

https://explore.alas.aws.amazon.com/CVE-2023-53178.html

https://explore.alas.aws.amazon.com/CVE-2023-53421.html

https://explore.alas.aws.amazon.com/CVE-2025-38129.html

https://explore.alas.aws.amazon.com/CVE-2025-38710.html

https://explore.alas.aws.amazon.com/CVE-2025-39877.html

https://explore.alas.aws.amazon.com/CVE-2026-23204.html

https://explore.alas.aws.amazon.com/CVE-2026-23272.html

https://explore.alas.aws.amazon.com/CVE-2026-23340.html

https://explore.alas.aws.amazon.com/CVE-2026-23442.html

https://explore.alas.aws.amazon.com/CVE-2026-31407.html

https://explore.alas.aws.amazon.com/CVE-2026-31419.html

https://explore.alas.aws.amazon.com/CVE-2026-31532.html

https://explore.alas.aws.amazon.com/CVE-2026-31577.html

https://explore.alas.aws.amazon.com/CVE-2026-31580.html

https://explore.alas.aws.amazon.com/CVE-2026-31586.html

https://explore.alas.aws.amazon.com/CVE-2026-31588.html

https://explore.alas.aws.amazon.com/CVE-2026-31590.html

https://explore.alas.aws.amazon.com/CVE-2026-31607.html

https://explore.alas.aws.amazon.com/CVE-2026-31624.html

https://explore.alas.aws.amazon.com/CVE-2026-31634.html

https://explore.alas.aws.amazon.com/CVE-2026-31656.html

https://explore.alas.aws.amazon.com/CVE-2026-31663.html

https://explore.alas.aws.amazon.com/CVE-2026-31664.html

https://explore.alas.aws.amazon.com/CVE-2026-31673.html

https://explore.alas.aws.amazon.com/CVE-2026-31676.html

https://explore.alas.aws.amazon.com/CVE-2026-31681.html

https://explore.alas.aws.amazon.com/CVE-2026-31684.html

https://explore.alas.aws.amazon.com/CVE-2026-31685.html

https://explore.alas.aws.amazon.com/CVE-2026-31692.html

https://explore.alas.aws.amazon.com/CVE-2026-31700.html

https://explore.alas.aws.amazon.com/CVE-2026-43085.html

https://explore.alas.aws.amazon.com/CVE-2026-43089.html

https://explore.alas.aws.amazon.com/CVE-2026-43093.html

https://explore.alas.aws.amazon.com/CVE-2026-43111.html

https://explore.alas.aws.amazon.com/CVE-2026-43114.html

https://explore.alas.aws.amazon.com/CVE-2026-43116.html

https://explore.alas.aws.amazon.com/CVE-2026-43117.html

https://explore.alas.aws.amazon.com/CVE-2026-43281.html

https://explore.alas.aws.amazon.com/CVE-2026-43493.html

https://explore.alas.aws.amazon.com/CVE-2026-43496.html

https://explore.alas.aws.amazon.com/CVE-2026-43502.html

https://explore.alas.aws.amazon.com/CVE-2026-45838.html

https://explore.alas.aws.amazon.com/CVE-2026-45840.html

https://explore.alas.aws.amazon.com/CVE-2026-45841.html

https://explore.alas.aws.amazon.com/CVE-2026-45842.html

https://explore.alas.aws.amazon.com/CVE-2026-45843.html

https://explore.alas.aws.amazon.com/CVE-2026-45844.html

https://explore.alas.aws.amazon.com/CVE-2026-45987.html

https://explore.alas.aws.amazon.com/CVE-2026-46002.html

https://explore.alas.aws.amazon.com/CVE-2026-46023.html

https://explore.alas.aws.amazon.com/CVE-2026-46033.html

https://explore.alas.aws.amazon.com/CVE-2026-46040.html

https://explore.alas.aws.amazon.com/CVE-2026-46043.html

https://explore.alas.aws.amazon.com/CVE-2026-46046.html

https://explore.alas.aws.amazon.com/CVE-2026-46051.html

https://explore.alas.aws.amazon.com/CVE-2026-46053.html

https://explore.alas.aws.amazon.com/CVE-2026-46070.html

https://explore.alas.aws.amazon.com/CVE-2026-46101.html

https://explore.alas.aws.amazon.com/CVE-2026-46102.html

https://explore.alas.aws.amazon.com/CVE-2026-46108.html

https://explore.alas.aws.amazon.com/CVE-2026-46109.html

https://explore.alas.aws.amazon.com/CVE-2026-46113.html

https://explore.alas.aws.amazon.com/CVE-2026-46120.html

https://explore.alas.aws.amazon.com/CVE-2026-46124.html

https://explore.alas.aws.amazon.com/CVE-2026-46128.html

https://explore.alas.aws.amazon.com/CVE-2026-46132.html

https://explore.alas.aws.amazon.com/CVE-2026-46133.html

https://explore.alas.aws.amazon.com/CVE-2026-46149.html

https://explore.alas.aws.amazon.com/CVE-2026-46150.html

https://explore.alas.aws.amazon.com/CVE-2026-46151.html

https://explore.alas.aws.amazon.com/CVE-2026-46161.html

https://explore.alas.aws.amazon.com/CVE-2026-46167.html

https://explore.alas.aws.amazon.com/CVE-2026-46172.html

https://explore.alas.aws.amazon.com/CVE-2026-46177.html

https://explore.alas.aws.amazon.com/CVE-2026-46178.html

https://explore.alas.aws.amazon.com/CVE-2026-46209.html

https://explore.alas.aws.amazon.com/CVE-2026-46214.html

https://explore.alas.aws.amazon.com/CVE-2026-46227.html

https://explore.alas.aws.amazon.com/CVE-2026-46234.html

https://explore.alas.aws.amazon.com/CVE-2026-46274.html

https://explore.alas.aws.amazon.com/CVE-2026-46294.html

https://explore.alas.aws.amazon.com/CVE-2026-46304.html

https://explore.alas.aws.amazon.com/CVE-2026-52915.html

https://explore.alas.aws.amazon.com/CVE-2026-52920.html

https://explore.alas.aws.amazon.com/CVE-2026-52921.html

https://explore.alas.aws.amazon.com/CVE-2026-52925.html

https://explore.alas.aws.amazon.com/CVE-2026-52954.html

https://explore.alas.aws.amazon.com/CVE-2026-52955.html

https://explore.alas.aws.amazon.com/CVE-2026-52957.html

https://explore.alas.aws.amazon.com/CVE-2026-52958.html

https://explore.alas.aws.amazon.com/CVE-2026-52970.html

https://explore.alas.aws.amazon.com/CVE-2026-52972.html

https://explore.alas.aws.amazon.com/CVE-2026-52982.html

https://explore.alas.aws.amazon.com/CVE-2026-52985.html

https://explore.alas.aws.amazon.com/CVE-2026-52986.html

https://explore.alas.aws.amazon.com/CVE-2026-52993.html

https://explore.alas.aws.amazon.com/CVE-2026-52998.html

https://explore.alas.aws.amazon.com/CVE-2026-52999.html

https://explore.alas.aws.amazon.com/CVE-2026-53001.html

https://explore.alas.aws.amazon.com/CVE-2026-53002.html

https://explore.alas.aws.amazon.com/CVE-2026-53003.html

https://explore.alas.aws.amazon.com/CVE-2026-53006.html

https://explore.alas.aws.amazon.com/CVE-2026-53011.html

https://explore.alas.aws.amazon.com/CVE-2026-53012.html

https://explore.alas.aws.amazon.com/CVE-2026-53016.html

https://explore.alas.aws.amazon.com/CVE-2026-53021.html

https://explore.alas.aws.amazon.com/CVE-2026-53037.html

https://explore.alas.aws.amazon.com/CVE-2026-53047.html

https://explore.alas.aws.amazon.com/CVE-2026-53050.html

https://explore.alas.aws.amazon.com/CVE-2026-53059.html

https://explore.alas.aws.amazon.com/CVE-2026-53060.html

https://explore.alas.aws.amazon.com/CVE-2026-53061.html

https://explore.alas.aws.amazon.com/CVE-2026-53074.html

https://explore.alas.aws.amazon.com/CVE-2026-53075.html

https://explore.alas.aws.amazon.com/CVE-2026-53128.html

Plugin Details

Severity: High

ID: 321988

File Name: al2_ALASKERNEL-5_10-2026-123.nasl

Version: 1.4

Type: Local

Agent: unix

Published: 6/22/2026

Updated: 7/10/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.8

Percentile: 99.34

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2026-46294

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:kernel-livepatch-5.10.258-257.1041, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:python-perf-debuginfo, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-headers, cpe:/o:amazon:linux:2, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:python-perf

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/22/2026

Vulnerability Publication Date: 6/27/2023

Reference Information

CVE: CVE-2022-50472, CVE-2022-50493, CVE-2022-50552, CVE-2023-53178, CVE-2023-53421, CVE-2025-38129, CVE-2025-38710, CVE-2025-39877, CVE-2026-23204, CVE-2026-23272, CVE-2026-23340, CVE-2026-23442, CVE-2026-31407, CVE-2026-31419, CVE-2026-31532, CVE-2026-31577, CVE-2026-31580, CVE-2026-31586, CVE-2026-31588, CVE-2026-31590, CVE-2026-31607, CVE-2026-31624, CVE-2026-31634, CVE-2026-31656, CVE-2026-31663, CVE-2026-31664, CVE-2026-31673, CVE-2026-31676, CVE-2026-31681, CVE-2026-31684, CVE-2026-31685, CVE-2026-31692, CVE-2026-31700, CVE-2026-43085, CVE-2026-43089, CVE-2026-43093, CVE-2026-43111, CVE-2026-43114, CVE-2026-43116, CVE-2026-43117, CVE-2026-43281, CVE-2026-43493, CVE-2026-43496, CVE-2026-43502, CVE-2026-45838, CVE-2026-45840, CVE-2026-45841, CVE-2026-45842, CVE-2026-45843, CVE-2026-45844, CVE-2026-45987, CVE-2026-46002, CVE-2026-46023, CVE-2026-46033, CVE-2026-46040, CVE-2026-46043, CVE-2026-46046, CVE-2026-46051, CVE-2026-46053, CVE-2026-46070, CVE-2026-46101, CVE-2026-46102, CVE-2026-46108, CVE-2026-46109, CVE-2026-46113, CVE-2026-46120, CVE-2026-46124, CVE-2026-46128, CVE-2026-46132, CVE-2026-46133, CVE-2026-46149, CVE-2026-46150, CVE-2026-46151, CVE-2026-46161, CVE-2026-46167, CVE-2026-46172, CVE-2026-46177, CVE-2026-46178, CVE-2026-46209, CVE-2026-46214, CVE-2026-46227, CVE-2026-46234, CVE-2026-46274, CVE-2026-46294, CVE-2026-46304, CVE-2026-52915, CVE-2026-52920, CVE-2026-52921, CVE-2026-52925, CVE-2026-52954, CVE-2026-52955, CVE-2026-52957, CVE-2026-52958, CVE-2026-52970, CVE-2026-52972, CVE-2026-52982, CVE-2026-52985, CVE-2026-52986, CVE-2026-52993, CVE-2026-52998, CVE-2026-52999, CVE-2026-53001, CVE-2026-53002, CVE-2026-53003, CVE-2026-53006, CVE-2026-53011, CVE-2026-53012, CVE-2026-53016, CVE-2026-53021, CVE-2026-53037, CVE-2026-53047, CVE-2026-53050, CVE-2026-53059, CVE-2026-53060, CVE-2026-53061, CVE-2026-53074, CVE-2026-53075, CVE-2026-53128