Amazon Linux 2023 Security Advisory: ALAS2023-2026-1881
Advisory Released Date: 2026-06-22
Advisory Updated Date: 2026-07-01
FAQs regarding Amazon Linux ALAS/CVE Severity
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: handle attr_set_size() errors when truncating files (CVE-2025-71289)
In the Linux kernel, the following vulnerability has been resolved:
smb: client: validate the whole DACL before rewriting it in cifsacl (CVE-2026-31709)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_inner: Fix IPv6 inner_thoff desync (CVE-2026-46244)
In the Linux kernel, the following vulnerability has been resolved:
io_uring/waitid: clear waitid info before copying it to userspace (CVE-2026-46315)
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry (CVE-2026-46316)
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: Reassign nested_mmus array behind mmu_lock (CVE-2026-46317)
In the Linux kernel, the following vulnerability has been resolved:
tun: free page on short-frame rejection in tun_xdp_one() (CVE-2026-46321)
In the Linux kernel, the following vulnerability has been resolved:
tun: free page on build_skb failure in tun_xdp_one() (CVE-2026-46322)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_queue: hold bridge skb->dev while queued (CVE-2026-52912)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ip6t_hbh: reject oversized option lists (CVE-2026-52915)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: stop hash:* range iteration at end (CVE-2026-52921)
In the Linux kernel, the following vulnerability has been resolved:
ipc: limit next_id allocation to the valid ID range (CVE-2026-52923)
In the Linux kernel, the following vulnerability has been resolved:
xfrm: ipcomp: Free destination pages on acomp errors (CVE-2026-52932)
In the Linux kernel, the following vulnerability has been resolved:
tap: fix stack info leak in tap_ioctl() SIOCGIFHWADDR (CVE-2026-52937)
In the Linux kernel, the following vulnerability has been resolved:
net: skbuff: fix missing zerocopy reference in pskb_carve helpers (CVE-2026-52943)
Affected Packages:
kernel6.18
Issue Correction:
Run dnf update kernel6.18 --releasever 2023.12.20260622 or dnf update --advisory ALAS2023-2026-1881 --releasever 2023.12.20260622 to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation
aarch64:
perf6.18-debuginfo-6.18.35-68.127.amzn2023.aarch64
bpftool6.18-6.18.35-68.127.amzn2023.aarch64
kernel6.18-tools-debuginfo-6.18.35-68.127.amzn2023.aarch64
kernel6.18-tools-devel-6.18.35-68.127.amzn2023.aarch64
bpftool6.18-debuginfo-6.18.35-68.127.amzn2023.aarch64
python3-perf6.18-debuginfo-6.18.35-68.127.amzn2023.aarch64
kernel6.18-modules-extra-common-6.18.35-68.127.amzn2023.aarch64
microvm-kernel6.18-6.18.35-68.127.amzn2023.aarch64
kernel-livepatch-6.18.35-68.127-1.0-0.amzn2023.aarch64
python3-perf6.18-6.18.35-68.127.amzn2023.aarch64
kernel6.18-tools-6.18.35-68.127.amzn2023.aarch64
kernel6.18-modules-extra-6.18.35-68.127.amzn2023.aarch64
perf6.18-6.18.35-68.127.amzn2023.aarch64
kernel6.18-headers-6.18.35-68.127.amzn2023.aarch64
kernel6.18-6.18.35-68.127.amzn2023.aarch64
kernel6.18-debuginfo-6.18.35-68.127.amzn2023.aarch64
kernel6.18-debuginfo-common-aarch64-6.18.35-68.127.amzn2023.aarch64
kernel6.18-devel-6.18.35-68.127.amzn2023.aarch64
src:
kernel6.18-6.18.35-68.127.amzn2023.src
x86_64:
kernel6.18-tools-6.18.35-68.127.amzn2023.x86_64
kernel6.18-tools-debuginfo-6.18.35-68.127.amzn2023.x86_64
microvm-kernel6.18-6.18.35-68.127.amzn2023.x86_64
bpftool6.18-debuginfo-6.18.35-68.127.amzn2023.x86_64
kernel6.18-headers-6.18.35-68.127.amzn2023.x86_64
kernel-livepatch-6.18.35-68.127-1.0-0.amzn2023.x86_64
perf6.18-debuginfo-6.18.35-68.127.amzn2023.x86_64
python3-perf6.18-debuginfo-6.18.35-68.127.amzn2023.x86_64
kernel6.18-modules-extra-6.18.35-68.127.amzn2023.x86_64
bpftool6.18-6.18.35-68.127.amzn2023.x86_64
kernel6.18-modules-extra-common-6.18.35-68.127.amzn2023.x86_64
kernel6.18-debuginfo-6.18.35-68.127.amzn2023.x86_64
kernel6.18-tools-devel-6.18.35-68.127.amzn2023.x86_64
perf6.18-6.18.35-68.127.amzn2023.x86_64
python3-perf6.18-6.18.35-68.127.amzn2023.x86_64
kernel6.18-6.18.35-68.127.amzn2023.x86_64
kernel6.18-debuginfo-common-x86_64-6.18.35-68.127.amzn2023.x86_64
kernel6.18-devel-6.18.35-68.127.amzn2023.x86_64
2026-07-01: CVE-2026-52923 was added to this advisory.
2026-07-01: CVE-2026-52912 was added to this advisory.
2026-07-01: CVE-2026-52932 was added to this advisory.
2026-07-01: CVE-2026-46316 was added to this advisory.
2026-07-01: CVE-2026-52937 was added to this advisory.
2026-07-01: CVE-2025-71289 was added to this advisory.
2026-07-01: CVE-2026-52915 was added to this advisory.
2026-07-01: CVE-2026-52921 was added to this advisory.
2026-07-01: CVE-2026-46321 was added to this advisory.
2026-07-01: CVE-2026-46315 was added to this advisory.
2026-07-01: CVE-2026-46317 was added to this advisory.
2026-07-01: CVE-2026-46244 was added to this advisory.
2026-07-01: CVE-2026-46322 was added to this advisory.
2026-07-01: CVE-2026-52943 was added to this advisory.