Amazon Linux 2 内核 --advisory ALAS2KERNEL-5。10-2026-114 (ALASKERNEL-5.10-2026-114)
high Nessus 插件 ID 303103
语言:
简介
远程 Amazon Linux 2 主机缺少安全更新。描述
远程主机上安装的内核版本低于 5.10.251-248.983。因此,会受到 ALAS2KERNEL-5.10-2026-114 公告中提及的多个漏洞影响。在 Linux 内核中,以下漏洞已修复:
HIDuclogic修正 hidinput input_dev 名称的 devm 设备引用 (CVE-2023-54207)
在 Linux 内核中,以下漏洞已修复:
driver 核心修复 device_add() 中潜在的 null-ptr-deref (CVE-2023-54321)
在 Linux 内核中,以下漏洞已修复:
bpf拒绝对指针 ctx 字段更窄的访问权限 (CVE-2025-38591)
在 Linux 内核中,以下漏洞已修复:
ksm使用 range-walk 函数跳过 scan_get_next_rmap_item 中的漏洞 (CVE-2025-68211)
在 Linux 内核中,以下漏洞已修复:
bpf不要让 BPF 测试基础设施向堆栈发出无效 GSO 类型CVE-2025-68725]
在 Linux 内核中,以下漏洞已修复:
btrfs修复 wait_current_trans() 中由于忽略事务类型导致的死锁 (CVE-2025-71194)
在 Linux 内核中,以下漏洞已修复:scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, [61110.449331] qla2xxx [0000:27:00.0]-0042:0: Disabled MSI-X. [61110.467494] ============================================================================= [61110.467498] BUG qla2xxx_srbs (Tainted: G OE -------- --- ): Objects remaining in qla2xxx_srbs on __kmem_cache_shutdown() [61110.467501] ----------------------------------------------------------------------------- [61110.467502] Slab 0x000000000ffc8162 objects=51 used=1 fp=0x00000000e25d3d85 flags=0x57ffffc0010200(slab|head|node=1|zone=2|lastcpupid=0x1fffff) [61110.467509] CPU: 53 PID: 455206 Comm: rmmod Kdump: loaded Tainted: G OE -------- --- 5.14.0-284.11.1.el9_2.x86_64 #1 [61110.467513] Hardware name: HPE ProLiant DL385 Gen10 Plus v2/ProLiant DL385 Gen10 Plus v2, BIOS A42 08/17/2023 [61110.467515] Call Trace: [61110.467516] <TASK> [61110.467519] dump_stack_lvl+0x34/0x48 [61110.467526] slab_err.cold+0x53/0x67 [61110.467534] __kmem_cache_shutdown+0x16e/0x320 [61110.467540] kmem_cache_destroy+0x51/0x160 [61110.467544] qla2x00_module_exit+0x93/0x99 [qla2xxx] [61110.467607] ?
__do_sys_delete_module.constprop.0+0x178/0x280 [61110.467613] ? syscall_trace_enter.constprop.0+0x145/0x1d0 [61110.467616] ? do_syscall_64+0x5c/0x90 [61110.467619] ? exc_page_fault+0x62/0x150 [61110.467622] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [61110.467626] </TASK> [61110.467627] Disabling lock debugging due to kernel taint [61110.467635] Object 0x0000000026f7e6e6 @offset=16000 [61110.467639] ------------[ cut here ]------------ [61110.467639] kmem_cache_destroy qla2xxx_srbs: Slab cache still has objects when called from qla2x00_module_exit+0x93/0x99 [qla2xxx] [61110.467659] WARNING: CPU: 53 PID: 455206 at mm/slab_common.c:520 kmem_cache_destroy+0x14d/0x160 [61110.467718] CPU: 53 PID: 455206 Comm: rmmod Kdump: loaded Tainted: G B OE -------- --- 5.14.0-284.11.1.el9_2.x86_64 #1 [61110.467720] Hardware name: HPE ProLiant DL385 Gen10 Plus v2/ProLiant DL385 Gen10 Plus v2, BIOS A42 08/17/2023 [61110.467721] RIP: 0010:kmem_cache_destroy+0x14d/0x160 [61110.467724] Code: 99 7d 07 00 48 89 ef e8 e1 6a 07 00 eb b3 48 8b 55 60 48 8b 4c 24 20 48 c7 c6 70 fc 66 90 48 c7 c7 f8 ef a1 90 e8 e1 ed 7c 00 <0f> 0b eb 93 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 [61110.467725] RSP: 0018:ffffa304e489fe80 EFLAGS: 00010282 [61110.467727] RAX: 0000000000000000 RBX:
ffffffffc0d9a860 RCX: 0000000000000027 [61110.467729] RDX: ffff8fd5ff9598a8 RSI: 0000000000000001 RDI:
ffff8fd5ff9598a0 [61110.467730] RBP: ffff8fb6aaf78700 R08: 0000000000000000 R09: 0000000100d863b7 [61110.467731] R10: ffffa304e489fd20 R11: ffffffff913bef48 R12: 0000000040002000 [61110.467731] R13:
0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [61110.467733] FS: 00007f64c89fb740(0000) GS:ffff8fd5ff940000(0000) knlGS:0000000000000000 [61110.467734] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033 [61110.467735] CR2: 00007f0f02bfe000 CR3: 00000020ad6dc005 CR4: 0000000000770ee0 [61110.467736] PKRU: 55555554 [61110.467737] Call Trace: [61110.467738] <TASK> [61110.467739] qla2x00_module_exit+0x93/0x99 [qla2xxx] [61110.467755] ? __do_sys_delete_module.constprop.0+0x178/0x280 Free sp in the error path to fix the crash. (CVE-2025-71232)
在 Linux 内核中,以下漏洞已修复:scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. [105954.384919] RBP:
ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 [105954.384920] R10: 000000000000000f R11:
ffffa31240904be5 R12: ffff914605f868e0 [105954.384921] R13: ffff914605f86910 R14: 0000000000008010 R15:
00000000ddb7c000 [105954.384923] FS: 0000000000000000(0000) GS:ffff9163fec40000(0000) knlGS:0000000000000000 [105954.384925] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [105954.384926] CR2: 000055d31ce1d6a0 CR3: 0000000119f5e001 CR4: 0000000000770ee0 [105954.384928] PKRU: 55555554 [105954.384929] Call Trace: [105954.384931] <IRQ> [105954.384934] qla24xx_sp_unmap+0x1f3/0x2a0 [qla2xxx] [105954.384962] ? qla_async_scan_sp_done+0x114/0x1f0 [qla2xxx] [105954.384980] ? qla24xx_els_ct_entry+0x4de/0x760 [qla2xxx] [105954.384999] ? __wake_up_common+0x80/0x190 [105954.385004] ? qla24xx_process_response_queue+0xc2/0xaa0 [qla2xxx] [105954.385023] ? qla24xx_msix_rsp_q+0x44/0xb0 [qla2xxx] [105954.385040] ? __handle_irq_event_percpu+0x3d/0x190 [105954.385044] ? handle_irq_event+0x58/0xb0 [105954.385046] ? handle_edge_irq+0x93/0x240 [105954.385050] ?
__common_interrupt+0x41/0xa0 [105954.385055] ? common_interrupt+0x3e/0xa0 [105954.385060] ? asm_common_interrupt+0x22/0x40 The root cause of this was that there was a free (dma_free_attrs) in the interrupt context. There was a device discovery/fabric scan in progress. A module unload was issued which set the UNLOADING flag. As part of the discovery, after receiving an interrupt a work queue was scheduled (which involved a work to be queued). Since the UNLOADING flag is set, the work item was not allocated and the mapped memory had to be freed. The free occurred in interrupt context leading to system crash. Delay the driver unload until the fabric scan is complete to avoid the crash. (CVE-2025-71235)
在 Linux 内核中,以下漏洞已修复:scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature [154563.214890] nvme nvme2: NVME-FC{1}: controller connect complete [154564.169363] qla2xxx [0000:b0:00.1]-3002:2: nvme: Sched: Set ZIO exchange threshold to 3. [154564.169405] qla2xxx [0000:b0:00.1]-ffffff:2: SET ZIO Activity exchange threshold to 5. [154565.539974] qla2xxx [0000:b0:00.1]-5013:2: RSCN database changed - 0078 0080 0000.
[154565.545744] qla2xxx [0000:b0:00.1]-5013:2: RSCN database changed - 0078 00a0 0000. [154565.545857] qla2xxx [0000:b0:00.1]-11a2:2: FEC=enabled (data rate). [154565.552760] qla2xxx [0000:b0:00.1]-11a2:2:
FEC=enabled (data rate). [154565.553079] BUG: kernel NULL pointer dereference, address: 00000000000000f8 [154565.553080] #PF: supervisor read access in kernel mode [154565.553082] #PF: error_code(0x0000) - not-present page [154565.553084] PGD 80000010488ab067 P4D 80000010488ab067 PUD 104978a067 PMD 0 [154565.553089] Oops: 0000 1 PREEMPT SMP PTI [154565.553092] CPU: 10 PID: 858 Comm: qla2xxx_2_dpc Kdump:
loaded Tainted: G OE ------- --- 5.14.0-503.11.1.el9_5.x86_64 #1 [154565.553096] Hardware name: HPE Synergy 660 Gen10/Synergy 660 Gen10 Compute Module, BIOS I43 09/30/2024 [154565.553097] RIP:
0010:qla_fab_async_scan.part.0+0x40b/0x870 [qla2xxx] [154565.553141] Code: 00 00 e8 58 a3 ec d4 49 89 e9 ba 12 20 00 00 4c 89 e6 49 c7 c0 00 ee a8 c0 48 c7 c1 66 c0 a9 c0 bf 00 80 00 10 e8 15 69 00 00 <4c> 8b 8d f8 00 00 00 4d 85 c9 74 35 49 8b 84 24 00 19 00 00 48 8b [154565.553143] RSP: 0018:ffffb4dbc8aebdd0 EFLAGS: 00010286 [154565.553145] RAX: 0000000000000000 RBX: ffff8ec2cf0908d0 RCX: 0000000000000002 [154565.553147] RDX: 0000000000000000 RSI: ffffffffc0a9c896 RDI: ffffb4dbc8aebd47 [154565.553148] RBP:
0000000000000000 R08: ffffb4dbc8aebd45 R09: 0000000000ffff0a [154565.553150] R10: 0000000000000000 R11:
000000000000000f R12: ffff8ec2cf0908d0 [154565.553151] R13: ffff8ec2cf090900 R14: 0000000000000102 R15:
ffff8ec2cf084000 [154565.553152] FS: 0000000000000000(0000) GS:ffff8ed27f800000(0000) knlGS:0000000000000000 [154565.553154] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [154565.553155] CR2: 00000000000000f8 CR3: 000000113ae0a005 CR4: 00000000007706f0 [154565.553157] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [154565.553158] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [154565.553159] PKRU: 55555554 [154565.553160] Call Trace: [154565.553162] <TASK> [154565.553165] ? show_trace_log_lvl+0x1c4/0x2df [154565.553172] ? show_trace_log_lvl+0x1c4/0x2df [154565.553177] ? qla_fab_async_scan.part.0+0x40b/0x870 [qla2xxx] [154565.553215] ?
__die_body.cold+0x8/0xd [154565.553218] ? page_fault_oops+0x134/0x170 [154565.553223] ? snprintf+0x49/0x70 [154565.553229] ? exc_page_fault+0x62/0x150 [154565.553238] ? asm_exc_page_fault+0x22/0x30 Check for sp being non NULL before freeing any associated memory (CVE-2025-71236)
在 Linux 内核中,以下漏洞已修复:nilfs2: Fix potential block overflow that cause system hang When a user executes the FITRIM command, an underflow can occur when calculating nblocks if end_block is too small. Since nblocks is of type sector_t, which is u64, a negative nblocks value will become a very large positive integer. This ultimately leads to the block layer function
__blkdev_issue_discard() taking an excessively long time to process the bio chain, and the ns_segctor_sem lock remains held for a long period. This prevents other tasks from acquiring the ns_segctor_sem lock, resulting in the hang reported by syzbot in [1]. If the ending block is too small, typically if it is smaller than 4KiB range, depending on the usage of the segment 0, it may be possible to attempt a discard request beyond the device size causing the hang. Exiting successfully and assign the discarded size (0 in this case) to range->len. Although the start and len values in the user input range are too small, a conservative strategy is adopted here to safely ignore them, which is equivalent to a no-op; it will not perform any trimming and will not throw an error. [1] task:segctord state:D stack:28968 pid:6093 tgid:6093 ppid:2 task_flags:0x200040 flags:0x00080000 Call Trace: rwbase_write_lock+0x3dd/0x750 kernel/locking/rwbase_rt.c:272 nilfs_transaction_lock+0x253/0x4c0 fs/nilfs2/segment.c:357 nilfs_segctor_thread_construct fs/nilfs2/segment.c:2569 [inline] nilfs_segctor_thread+0x6ec/0xe00 fs/nilfs2/segment.c:2684 [ryusuke: corrected part of the commit message about the consequences] (CVE-2025-71237)
在 Linux 内核中,以下漏洞已修复:scsi: qla2xxx: Fix bsg_done() causing double free Kernel panic observed on system, [5353358.825191] BUG: unable to handle page fault for address: ff5f5e897b024000 [5353358.825194] #PF: supervisor write access in kernel mode [5353358.825195] #PF: error_code(0x0002) - not-present page [5353358.825196] PGD 100006067 P4D 0 [5353358.825198] Oops:
0002 [#1] PREEMPT SMP NOPTI [5353358.825200] CPU: 5 PID: 2132085 Comm: qlafwupdate.sub Kdump: loaded Tainted: G W L ------- --- 5.14.0-503.34.1.el9_5.x86_64 #1 [5353358.825203] Hardware name: HPE ProLiant DL360 Gen11/ProLiant DL360 Gen11, BIOS 2.44 01/17/2025 [5353358.825204] RIP: 0010:memcpy_erms+0x6/0x10 [5353358.825211] RSP: 0018:ff591da8f4f6b710 EFLAGS: 00010246 [5353358.825212] RAX: ff5f5e897b024000 RBX:
0000000000007090 RCX: 0000000000001000 [5353358.825213] RDX: 0000000000001000 RSI: ff591da8f4fed090 RDI:
ff5f5e897b024000 [5353358.825214] RBP: 0000000000010000 R08: ff5f5e897b024000 R09: 0000000000000000 [5353358.825215] R10: ff46cf8c40517000 R11: 0000000000000001 R12: 0000000000008090 [5353358.825216] R13:
ff591da8f4f6b720 R14: 0000000000001000 R15: 0000000000000000 [5353358.825218] FS: 00007f1e88d47740(0000) GS:ff46cf935f940000(0000) knlGS:0000000000000000 [5353358.825219] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033 [5353358.825220] CR2: ff5f5e897b024000 CR3: 0000000231532004 CR4: 0000000000771ef0 [5353358.825221] PKRU: 55555554 [5353358.825222] Call Trace: [5353358.825223] <TASK> [5353358.825224] ? show_trace_log_lvl+0x1c4/0x2df [5353358.825229] ? show_trace_log_lvl+0x1c4/0x2df [5353358.825232] ? sg_copy_buffer+0xc8/0x110 [5353358.825236] ? __die_body.cold+0x8/0xd [5353358.825238] ? page_fault_oops+0x134/0x170 [5353358.825242] ? kernelmode_fixup_or_oops+0x84/0x110 [5353358.825244] ? exc_page_fault+0xa8/0x150 [5353358.825247] ? asm_exc_page_fault+0x22/0x30 [5353358.825252] ? memcpy_erms+0x6/0x10 [5353358.825253] sg_copy_buffer+0xc8/0x110 [5353358.825259] qla2x00_process_vendor_specific+0x652/0x1320 [qla2xxx] [5353358.825317] qla24xx_bsg_request+0x1b2/0x2d0 [qla2xxx] Most routines in qla_bsg.c call bsg_done() only for success cases. However a few invoke it for failure case as well leading to a double free. Validate before calling bsg_done(). (CVE-2025-71238)
在 Linux 内核中,以下漏洞已修复:
net/schedsch_qfq不释放 qfq_change_class() 中的现有类 (CVE-2026-22999)
在 Linux 内核中,以下漏洞已修复:
macvlan修复 macvlan_forward_source() 中可能的 UAF (CVE-2026-23001)
在 Linux 内核中,以下漏洞已修复:
ip6_tunnel在 __ip6_tnl_rcv() 中使用 skb_vlan_inet_prepare() (CVE-2026-23003)
在 Linux 内核中,以下漏洞已修复:
ipv4ip_gre增强 ipgre_header()CVE-2026-23011
在 Linux 内核中,以下漏洞已修复:
pnfs/flexfiles修复 nfs4_ff_alloc_deviceid_node() 中的内存泄漏 (CVE-2026-23038)
在 Linux 内核中,以下漏洞已修复:
cryptoauthencesn - 拒绝过短的 AAD (assoclen<8) 以匹配 ESP/ESN 规范CVE-2026-23060]
在 Linux 内核中,以下漏洞已修复:
regmap修复 hwspinlock irqsave 例程中的争用条件 (CVE-2026-23071)
在 Linux 内核中,以下漏洞已修复:
net/sched强制 teql 只能用作根 qdisc (CVE-2026-23074)
在 Linux 内核中,以下漏洞已修复:
fou不允许 FOU_ATTR_IPPROTO 设置为 0。 (CVE-2026-23083)
在 Linux 内核中,以下漏洞已修复:
irqchip/gic-v3-its避免截断内存地址 (CVE-2026-23085)
在 Linux 内核中,以下漏洞已修复:
gue修复内部 IP 协议 0 的 skb 内存泄漏。(CVE-2026-23095
在 Linux 内核中,以下漏洞已修复:
migrate修正 hugetlb 文件作品集的锁定顺序 (CVE-2026-23097)
在 Linux 内核中,以下漏洞已修复:
ledsled-class仅在完全就绪时将 LED 添加到 leds_list (CVE-2026-23101)
在 Linux 内核中,以下漏洞已修复:
ipvlan使 addrs_lock 针对每个端口 (CVE-2026-23103)
在 Linux 内核中,以下漏洞已修复:
net/schedqfq使用 cl_is_active 确定类在 qfq_rm_from_ag 中是否处于活动状态 (CVE-2026-23105)
在 Linux 内核中,以下漏洞已修复:
scsicore最终完成相互争用时唤醒错误处理程序 (CVE-2026-23110)
在 Linux 内核中,以下漏洞已修复:
bonding提供指向 __skb_flow_dissect() 的网络指针 (CVE-2026-23119)
在 Linux 内核中,以下漏洞已修复:
sctp将 SCTP_CMD_ASSOC_SHKEY 移动到 SCTP_CMD_PEER_INIT 之后向右 (CVE-2026-23125)
在 Linux 内核中,以下漏洞已修复:
ext4修复 ext4_xattr_inode_update_ref 中的 iloc.bh 泄漏 (CVE-2026-23145)
在 Linux 内核中,以下漏洞已修复:
rocker修复 rocker_world_port_post_fini() 中的内存泄漏 (CVE-2026-23164)
在 Linux 内核中,以下漏洞已修复:
scsitargetiscsi修复 iscsit_dec_session_usage_count() 中的释放后使用 (CVE-2026-23193)
在 Linux 内核中,以下漏洞已修复:
KVM取消分配 irqfd 时不破坏 irqfd 路由类型 (CVE-2026-23198)
在 Linux 内核中,以下漏洞已修复:
macvlan修复 macvlan_common_newlink() 中的错误恢复 (CVE-2026-23209)
在 Linux 内核中,以下漏洞已修复:
scsitargetiscsi修复 iscsit_dec_conn_usage_count() 中的释放后使用 (CVE-2026-23216)
在 Linux 内核中,以下漏洞已修复:crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-cbc
-engine afalg -seconds 10 -multi 32 openssl processes will hangup and there is error reported like this:
virtio_crypto virtio0: dataq.0:id 3 is not a head! It seems that the data virtqueue need protection when it is handled for virtio done notification. If the spinlock protection is added in virtcrypto_done_task(), openssl benchmark with multiple processes works well. (CVE-2026-23229)
在 Linux 内核中,以下漏洞已修复:romfs: check sb_set_blocksize() return value romfs_fill_super() ignores the return value of sb_set_blocksize(), which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by setting a loop device's block size larger than PAGE_SIZE using ioctl(LOOP_SET_BLOCK_SIZE, 32768), then mounting a romfs filesystem on that device. When sb_set_blocksize(sb, ROMBSIZE) is called with ROMBSIZE=4096 but the device has logical_block_size=32768, bdev_validate_blocksize() fails because the requested size is smaller than the device's logical block size. sb_set_blocksize() returns 0 (failure), but romfs ignores this and continues mounting. The superblock's block size remains at the device's logical block size (32768). Later, when sb_bread() attempts I/O with this oversized block size, it triggers a kernel BUG in folio_set_bh():
kernel BUG at fs/buffer.c:1582! BUG_ON(size > PAGE_SIZE); Fix by checking the return value of sb_set_blocksize() and failing the mount with -EINVAL if it returns 0. (CVE-2026-23238)
Tenable 已直接从测试产品的安全公告中提取上述描述块。
请注意,Nessus 尚未测试这些问题,而是只依据应用程序自我报告的版本号进行判断。
解决方案
运行“yum update kernel”或“yum update --advisory ALAS2KERNEL-5.10-2026-114“ 以更新系统。另见
https://alas.aws.amazon.com//AL2/ALAS2KERNEL-5.10-2026-114.html
https://alas.aws.amazon.com/faqs.html
https://explore.alas.aws.amazon.com/CVE-2023-54207.html
https://explore.alas.aws.amazon.com/CVE-2023-54321.html
https://explore.alas.aws.amazon.com/CVE-2025-38591.html
https://explore.alas.aws.amazon.com/CVE-2025-68211.html
https://explore.alas.aws.amazon.com/CVE-2025-68725.html
https://explore.alas.aws.amazon.com/CVE-2025-71194.html
https://explore.alas.aws.amazon.com/CVE-2025-71232.html
https://explore.alas.aws.amazon.com/CVE-2025-71235.html
https://explore.alas.aws.amazon.com/CVE-2025-71236.html
https://explore.alas.aws.amazon.com/CVE-2025-71237.html
https://explore.alas.aws.amazon.com/CVE-2025-71238.html
https://explore.alas.aws.amazon.com/CVE-2026-22999.html
https://explore.alas.aws.amazon.com/CVE-2026-23001.html
https://explore.alas.aws.amazon.com/CVE-2026-23003.html
https://explore.alas.aws.amazon.com/CVE-2026-23011.html
https://explore.alas.aws.amazon.com/CVE-2026-23038.html
https://explore.alas.aws.amazon.com/CVE-2026-23060.html
https://explore.alas.aws.amazon.com/CVE-2026-23071.html
https://explore.alas.aws.amazon.com/CVE-2026-23074.html
https://explore.alas.aws.amazon.com/CVE-2026-23083.html
https://explore.alas.aws.amazon.com/CVE-2026-23085.html
https://explore.alas.aws.amazon.com/CVE-2026-23095.html
https://explore.alas.aws.amazon.com/CVE-2026-23097.html
https://explore.alas.aws.amazon.com/CVE-2026-23101.html
https://explore.alas.aws.amazon.com/CVE-2026-23103.html
https://explore.alas.aws.amazon.com/CVE-2026-23105.html
https://explore.alas.aws.amazon.com/CVE-2026-23110.html
https://explore.alas.aws.amazon.com/CVE-2026-23119.html
https://explore.alas.aws.amazon.com/CVE-2026-23125.html
https://explore.alas.aws.amazon.com/CVE-2026-23145.html
https://explore.alas.aws.amazon.com/CVE-2026-23164.html
https://explore.alas.aws.amazon.com/CVE-2026-23193.html
https://explore.alas.aws.amazon.com/CVE-2026-23198.html
https://explore.alas.aws.amazon.com/CVE-2026-23209.html
https://explore.alas.aws.amazon.com/CVE-2026-23216.html
插件详情
严重性: High
ID: 303103
文件名: al2_ALASKERNEL-5_10-2026-114.nasl
版本: 1.1
类型: local
代理: unix
发布时间: 2026/3/19
最近更新时间: 2026/3/19
支持的传感器: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus
风险信息
VPR
风险因素: Medium
分数: 6.7
CVSS v2
风险因素: Medium
基本分数: 6.8
时间分数: 5
矢量: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS 分数来源: CVE-2026-23216
CVSS v3
风险因素: High
基本分数: 7.8
时间分数: 6.8
矢量: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
时间矢量: CVSS:3.0/E:U/RL:O/RC:C
漏洞信息
CPE: p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:python-perf-debuginfo, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-headers, cpe:/o:amazon:linux:2, p-cpe:/a:amazon:linux:kernel-livepatch-5.10.251-248.983, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:python-perf
必需的 KB 项: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list
易利用性: No known exploits are available
补丁发布日期: 2026/3/19
漏洞发布日期: 2023/3/22
参考资料信息
CVE: CVE-2023-54207, CVE-2023-54321, CVE-2025-38591, CVE-2025-68211, CVE-2025-68725, CVE-2025-71194, CVE-2025-71232, CVE-2025-71235, CVE-2025-71236, CVE-2025-71237, CVE-2025-71238, CVE-2026-22999, CVE-2026-23001, CVE-2026-23003, CVE-2026-23011, CVE-2026-23038, CVE-2026-23060, CVE-2026-23071, CVE-2026-23074, CVE-2026-23083, CVE-2026-23085, CVE-2026-23095, CVE-2026-23097, CVE-2026-23101, CVE-2026-23103, CVE-2026-23105, CVE-2026-23110, CVE-2026-23119, CVE-2026-23125, CVE-2026-23145, CVE-2026-23164, CVE-2026-23193, CVE-2026-23198, CVE-2026-23209, CVE-2026-23216, CVE-2026-23229, CVE-2026-23238