Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-101 (ALASKERNEL-5.10-2025-101)

The version of kernel installed on the remote host is prior to 5.10.240-238.959. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-101 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in...

kernel: /proc/PID/io infoleak

fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc//io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password...