Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1752)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1752 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes CVE-2026-31449 In the Linux kernel, the following vulnerability has been...

Important: kernel-livepatch-6.12.83-111.159

Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.12.83-111.159 Issue Correction: Please ensure you have live patching enabled...

Important: kernel-livepatch-6.12.80-106.156

Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.12.80-106.156 Issue Correction: Please ensure you have live patching enabled...

Important: kernel-livepatch-6.18.25-55.108

Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.18.25-55.108 Issue Correction: Please ensure you have live patching enabled. R...

Important: kernel-livepatch-6.12.83-115.161

Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.12.83-115.161 Issue Correction: Please ensure you have live patching enabled...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes CVE-2026-31449 In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'getdumpable' logic CVE-2026-46333 PinTheft is a Linux...

Important: kernel-livepatch-6.12.80-105.147

Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.12.80-105.147 Issue Correction: Please ensure you have live patching enabled...

Important: kernel-livepatch-6.1.170-210.320

Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.1.170-210.320 Issue Correction: Please ensure you have live patching enabled...

Important: kernel-livepatch-6.1.166-197.305

Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.1.166-197.305 Issue Correction: Please ensure you have live patching enabled...

Important: kernel-livepatch-6.18.20-41.237

Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.18.20-41.237 Issue Correction: Please ensure you have live patching enabled. R...