Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-124 (ALASKERNEL-5.10-2026-124)

high Nessus Plugin ID 325574

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

The version of kernel installed on the remote host is prior to 5.10.259-258.1043. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-124 advisory.

In the Linux kernel, the following vulnerability has been resolved:

net/sched: teql: Fix double-free in teql_master_xmit (CVE-2026-23449)

In the Linux kernel, the following vulnerability has been resolved:

ext4: validate p_idx bounds in ext4_ext_correct_indexes (CVE-2026-31449)

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path (CVE-2026-31708)

In the Linux kernel, the following vulnerability has been resolved:

smb: client: require a full NFS mode SID before reading mode bits (CVE-2026-43350)

In the Linux kernel, the following vulnerability has been resolved:

lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl() (CVE-2026-43492)

In the Linux kernel, the following vulnerability has been resolved:

ipvs: skip ipv6 extension headers for csum checks (CVE-2026-45850)

In the Linux kernel, the following vulnerability has been resolved:

thermal: core: Fix thermal zone governor cleanup issues (CVE-2026-46021)

In the Linux kernel, the following vulnerability has been resolved:

ceph: only d_add() negative dentries when they are unhashed (CVE-2026-46052)

In the Linux kernel, the following vulnerability has been resolved:

net: bridge: use a stable FDB dst snapshot in RCU readers (CVE-2026-46086)

In the Linux kernel, the following vulnerability has been resolved:

dm-thin: fix metadata refcount underflow (CVE-2026-46107)

In the Linux kernel, the following vulnerability has been resolved:

mptcp: pm: ADD_ADDR rtx: fix potential data-race (CVE-2026-46137)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (CVE-2026-46159)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix missing last_unlink_trans update when removing a directory (CVE-2026-46160)

In the Linux kernel, the following vulnerability has been resolved:

hfsplus: fix uninit-value by validating catalog record size (CVE-2026-46169)

In the Linux kernel, the following vulnerability has been resolved:

fbcon: Avoid OOB font access if console rotation fails (CVE-2026-46191)

In the Linux kernel, the following vulnerability has been resolved:

tracepoint: balance regfunc() on func_add() failure in tracepoint_add_func() (CVE-2026-46196)

In the Linux kernel, the following vulnerability has been resolved:

pmdomain: core: Fix detach procedure for virtual devices in genpd (CVE-2026-46292)

In the Linux kernel, the following vulnerability has been resolved:

hfsplus: fix held lock freed on hfsplus_fill_super() (CVE-2026-46299)

In the Linux kernel, the following vulnerability has been resolved:

tap: free page on error paths in tap_get_user_xdp() (CVE-2026-46320)

In the Linux kernel, the following vulnerability has been resolved:

tun: free page on build_skb failure in tun_xdp_one() (CVE-2026-46322)

In the Linux kernel, the following vulnerability has been resolved:

bpf: Free reuseport cBPF prog after RCU grace period. (CVE-2026-52910)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_queue: hold bridge skb->dev while queued (CVE-2026-52912)

In the Linux kernel, the following vulnerability has been resolved:

ipc: limit next_id allocation to the valid ID range (CVE-2026-52923)

In the Linux kernel, the following vulnerability has been resolved:

sctp: purge outqueue on stale COOKIE-ECHO handling (CVE-2026-52924)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ebtables: fix OOB read in compat_mtw_from_user (CVE-2026-52927)

In the Linux kernel, the following vulnerability has been resolved:

sctp: stream: fully roll back denied add-stream state (CVE-2026-52929)

In the Linux kernel, the following vulnerability has been resolved:

ipc/shm: serialize orphan cleanup with shm_nattch updates (CVE-2026-52930)

In the Linux kernel, the following vulnerability has been resolved:

net: skbuff: fix missing zerocopy reference in pskb_carve helpers (CVE-2026-52943)

In the Linux kernel, the following vulnerability has been resolved:

fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling (CVE-2026-52946)

In the Linux kernel, the following vulnerability has been resolved:

i2c: dev: prevent integer overflow in I2C_TIMEOUT ioctl (CVE-2026-52948)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: cls_fw: fix NULL dereference of old filters before change() (CVE-2026-53080)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_fib: fix stale stack leak via the OIFNAME register (CVE-2026-53134)

In the Linux kernel, the following vulnerability has been resolved:

fuse: reject fuse_notify() pagecache ops on directories (CVE-2026-53168)

In the Linux kernel, the following vulnerability has been resolved:

IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN (CVE-2026-53176)

In the Linux kernel, the following vulnerability has been resolved:

RDMA/srp: bound SRP_RSP sense copy by the received length (CVE-2026-53186)

In the Linux kernel, the following vulnerability has been resolved:

mm/huge_memory: update file PMD counter before folio_put() (CVE-2026-53189)

In the Linux kernel, the following vulnerability has been resolved:

USB: serial: kl5kusb105: fix bulk-out buffer overflow (CVE-2026-53194)

In the Linux kernel, the following vulnerability has been resolved:

USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() (CVE-2026-53195)

In the Linux kernel, the following vulnerability has been resolved:

USB: serial: io_ti: fix heap overflow in get_manuf_info() (CVE-2026-53196)

In the Linux kernel, the following vulnerability has been resolved:

hv_netvsc: use kmap_local_page in netvsc_copy_to_send_buf (CVE-2026-53199)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_tunnel: fix use-after-free on object destroy (CVE-2026-53212)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_exthdr: fix register tracking for F_PRESENT flag (CVE-2026-53218)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: x_tables: avoid leaking percpu counter pointers (CVE-2026-53219)

In the Linux kernel, the following vulnerability has been resolved:

ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup() (CVE-2026-53221)

In the Linux kernel, the following vulnerability has been resolved:

sctp: fix uninit-value in __sctp_rcv_asconf_lookup() (CVE-2026-53225)

In the Linux kernel, the following vulnerability has been resolved:

net: openvswitch: fix possible kfree_skb of ERR_PTR (CVE-2026-53227)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: sit: reload inner IPv6 header after GSO offloads (CVE-2026-53228)

In the Linux kernel, the following vulnerability has been resolved:

netlabel: validate unlabeled address and mask attribute lengths (CVE-2026-53238)

In the Linux kernel, the following vulnerability has been resolved:

xfrm: policy: fix use-after-free on inexact bin in xfrm_policy_bysel_ctx() (CVE-2026-53239)

In the Linux kernel, the following vulnerability has been resolved:

net/802/mrp: fix vector attribute parsing in mrp_pdu_parse_vecattr (CVE-2026-53245)

In the Linux kernel, the following vulnerability has been resolved:

ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options (CVE-2026-53249)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: act_api: use RCU with deferred freeing for action lifecycle (CVE-2026-53264)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: conntrack_irc: fix possible out-of-bounds read (CVE-2026-53268)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: synproxy: add mutex to guard hook reference counting (CVE-2026-53269)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Run 'yum update kernel' or or 'yum update --advisory ALAS2KERNEL-5.10-2026-124' to update your system.

See Also

https://alas.aws.amazon.com//AL2/ALAS2KERNEL-5.10-2026-124.html

https://alas.aws.amazon.com/faqs.html

https://explore.alas.aws.amazon.com/CVE-2026-23449.html

https://explore.alas.aws.amazon.com/CVE-2026-31449.html

https://explore.alas.aws.amazon.com/CVE-2026-31708.html

https://explore.alas.aws.amazon.com/CVE-2026-43350.html

https://explore.alas.aws.amazon.com/CVE-2026-43492.html

https://explore.alas.aws.amazon.com/CVE-2026-45850.html

https://explore.alas.aws.amazon.com/CVE-2026-46021.html

https://explore.alas.aws.amazon.com/CVE-2026-46052.html

https://explore.alas.aws.amazon.com/CVE-2026-46086.html

https://explore.alas.aws.amazon.com/CVE-2026-46107.html

https://explore.alas.aws.amazon.com/CVE-2026-46137.html

https://explore.alas.aws.amazon.com/CVE-2026-46159.html

https://explore.alas.aws.amazon.com/CVE-2026-46160.html

https://explore.alas.aws.amazon.com/CVE-2026-46169.html

https://explore.alas.aws.amazon.com/CVE-2026-46191.html

https://explore.alas.aws.amazon.com/CVE-2026-46196.html

https://explore.alas.aws.amazon.com/CVE-2026-46292.html

https://explore.alas.aws.amazon.com/CVE-2026-46299.html

https://explore.alas.aws.amazon.com/CVE-2026-46320.html

https://explore.alas.aws.amazon.com/CVE-2026-46322.html

https://explore.alas.aws.amazon.com/CVE-2026-52910.html

https://explore.alas.aws.amazon.com/CVE-2026-52912.html

https://explore.alas.aws.amazon.com/CVE-2026-52923.html

https://explore.alas.aws.amazon.com/CVE-2026-52924.html

https://explore.alas.aws.amazon.com/CVE-2026-52927.html

https://explore.alas.aws.amazon.com/CVE-2026-52929.html

https://explore.alas.aws.amazon.com/CVE-2026-52930.html

https://explore.alas.aws.amazon.com/CVE-2026-52943.html

https://explore.alas.aws.amazon.com/CVE-2026-52946.html

https://explore.alas.aws.amazon.com/CVE-2026-52948.html

https://explore.alas.aws.amazon.com/CVE-2026-53080.html

https://explore.alas.aws.amazon.com/CVE-2026-53134.html

https://explore.alas.aws.amazon.com/CVE-2026-53168.html

https://explore.alas.aws.amazon.com/CVE-2026-53176.html

https://explore.alas.aws.amazon.com/CVE-2026-53186.html

https://explore.alas.aws.amazon.com/CVE-2026-53189.html

https://explore.alas.aws.amazon.com/CVE-2026-53194.html

https://explore.alas.aws.amazon.com/CVE-2026-53195.html

https://explore.alas.aws.amazon.com/CVE-2026-53196.html

https://explore.alas.aws.amazon.com/CVE-2026-53199.html

https://explore.alas.aws.amazon.com/CVE-2026-53212.html

https://explore.alas.aws.amazon.com/CVE-2026-53218.html

https://explore.alas.aws.amazon.com/CVE-2026-53219.html

https://explore.alas.aws.amazon.com/CVE-2026-53221.html

https://explore.alas.aws.amazon.com/CVE-2026-53225.html

https://explore.alas.aws.amazon.com/CVE-2026-53227.html

https://explore.alas.aws.amazon.com/CVE-2026-53228.html

https://explore.alas.aws.amazon.com/CVE-2026-53238.html

https://explore.alas.aws.amazon.com/CVE-2026-53239.html

https://explore.alas.aws.amazon.com/CVE-2026-53245.html

https://explore.alas.aws.amazon.com/CVE-2026-53249.html

https://explore.alas.aws.amazon.com/CVE-2026-53264.html

https://explore.alas.aws.amazon.com/CVE-2026-53268.html

https://explore.alas.aws.amazon.com/CVE-2026-53269.html

Plugin Details

Severity: High

ID: 325574

File Name: al2_ALASKERNEL-5_10-2026-124.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 7/8/2026

Updated: 7/8/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.6

Percentile: 98.46

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-53196

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2026-53195

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:python-perf-debuginfo, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-headers, p-cpe:/a:amazon:linux:kernel-livepatch-5.10.259-258.1043, cpe:/o:amazon:linux:2, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:python-perf

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/8/2026

Vulnerability Publication Date: 4/3/2026

Reference Information

CVE: CVE-2026-23449, CVE-2026-31449, CVE-2026-31708, CVE-2026-43350, CVE-2026-43492, CVE-2026-45850, CVE-2026-46021, CVE-2026-46052, CVE-2026-46086, CVE-2026-46107, CVE-2026-46137, CVE-2026-46159, CVE-2026-46160, CVE-2026-46169, CVE-2026-46191, CVE-2026-46196, CVE-2026-46292, CVE-2026-46299, CVE-2026-46320, CVE-2026-46322, CVE-2026-52910, CVE-2026-52912, CVE-2026-52923, CVE-2026-52924, CVE-2026-52927, CVE-2026-52929, CVE-2026-52930, CVE-2026-52943, CVE-2026-52946, CVE-2026-52948, CVE-2026-53080, CVE-2026-53134, CVE-2026-53168, CVE-2026-53176, CVE-2026-53186, CVE-2026-53189, CVE-2026-53194, CVE-2026-53195, CVE-2026-53196, CVE-2026-53199, CVE-2026-53212, CVE-2026-53218, CVE-2026-53219, CVE-2026-53221, CVE-2026-53225, CVE-2026-53227, CVE-2026-53228, CVE-2026-53238, CVE-2026-53239, CVE-2026-53245, CVE-2026-53249, CVE-2026-53264, CVE-2026-53268, CVE-2026-53269