Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account

Amazon Linux 2 version 2.0.20210721.2 release notes

RSS
Focus mode
Amazon Linux 2 version 2.0.20210721.2 release notes - Amazon Linux 2
Major updatesPackage updatesKernel updates

These are the release notes for Amazon Linux 2 version 2.0.20210721.2.

Major updates

  • GRUB has been updated to 2.06 with some launch time improvements

Package updates

Amazon Linux 2 includes the following packages.

Packages

amazon-ssm-agent-3.0.1124.0-1.amzn2.aarch64

amazon-ssm-agent-3.0.1124.0-1.amzn2.x86_64

chrony-4.0-3.amzn2.0.2.aarch64

chrony-4.0-3.amzn2.0.2.x86_64

dracut-033-535.amzn2.1.4.aarch64

dracut-033-535.amzn2.1.4.x86_64

dracut-config-generic-033-535.amzn2.1.4.aarch64

dracut-config-generic-033-535.amzn2.1.4.x86_64

fuse-libs-2.9.2-11.amzn2.aarch64

fuse-libs-2.9.2-11.amzn2.x86_64

glibc-2.26-48.amzn2.aarch64

glibc-2.26-48.amzn2.x86_64

glibc-all-langpacks-2.26-48.amzn2.aarch64

glibc-all-langpacks-2.26-48.amzn2.x86_64

glibc-common-2.26-48.amzn2.aarch64

glibc-common-2.26-48.amzn2.x86_64

glibc-devel-2.26-48.amzn2.x86_64

glibc-headers-2.26-48.amzn2.x86_64

glibc-langpack-en-2.26-48.amzn2.aarch64

glibc-langpack-en-2.26-48.amzn2.x86_64

glibc-locale-source-2.26-48.amzn2.aarch64

glibc-locale-source-2.26-48.amzn2.x86_64

glibc-minimal-langpack-2.26-48.amzn2.aarch64

glibc-minimal-langpack-2.26-48.amzn2.x86_64

grub2-2.06-2.amzn2.0.1.aarch64

grub2-2.06-2.amzn2.0.1.x86_64

grub2-common-2.06-2.amzn2.0.1.noarch

grub2-efi-aa64-2.06-2.amzn2.0.1.aarch64

grub2-efi-aa64-ec2-2.06-2.amzn2.0.1.aarch64

grub2-efi-aa64-modules-2.06-2.amzn2.0.1.noarch

grub2-efi-x64-ec2-2.06-2.amzn2.0.1.x86_64

grub2-pc-2.06-2.amzn2.0.1.x86_64

grub2-pc-modules-2.06-2.amzn2.0.1.noarch

grub2-tools-2.06-2.amzn2.0.1.aarch64

grub2-tools-2.06-2.amzn2.0.1.x86_64

grub2-tools-minimal-2.06-2.amzn2.0.1.aarch64

grub2-tools-minimal-2.06-2.amzn2.0.1.x86_64

kernel-4.14.238-182.422.amzn2.aarch64

kernel-4.14.238-182.422.amzn2.x86_64

kernel-devel-4.14.238-182.422.amzn2.x86_64

kernel-headers-4.14.238-182.422.amzn2.x86_64

kernel-tools-4.14.238-182.422.amzn2.aarch64

kernel-tools-4.14.238-182.422.amzn2.x86_64

libcrypt-2.26-48.amzn2.aarch64

libcrypt-2.26-48.amzn2.x86_64

libwebp-0.3.0-10.amzn2.aarch64

libwebp-0.3.0-10.amzn2.x86_64

libX11-1.6.7-3.amzn2.0.2.x86_64

libX11-common-1.6.7-3.amzn2.0.2.noarch

libxml2-2.9.1-6.amzn2.5.4.aarch64

libxml2-2.9.1-6.amzn2.5.4.x86_64

libxml2-python-2.9.1-6.amzn2.5.4.aarch64

libxml2-python-2.9.1-6.amzn2.5.4.x86_64

openssl-1.0.2k-19.amzn2.0.7.aarch64

openssl-1.0.2k-19.amzn2.0.7.x86_64

openssl-libs-1.0.2k-19.amzn2.0.7.aarch64

openssl-libs-1.0.2k-19.amzn2.0.7.x86_64

python2-rpm-4.11.3-40.amzn2.0.6.aarch64

python2-rpm-4.11.3-40.amzn2.0.6.x86_64

python-urllib3-1.25.9-1.amzn2.0.2.noarch

rpm-4.11.3-40.amzn2.0.6.aarch64

rpm-4.11.3-40.amzn2.0.6.x86_64

rpm-build-libs-4.11.3-40.amzn2.0.6.aarch64

rpm-build-libs-4.11.3-40.amzn2.0.6.x86_64

rpm-libs-4.11.3-40.amzn2.0.6.aarch64

rpm-libs-4.11.3-40.amzn2.0.6.x86_64

rpm-plugin-systemd-inhibit-4.11.3-40.amzn2.0.6.aarch64

rpm-plugin-systemd-inhibit-4.11.3-40.amzn2.0.6.x86_64

systemtap-runtime-4.4-1.amzn2.0.1.aarch64

systemtap-runtime-4.4-1.amzn2.0.1.x86_64

tzdata-2021a-1.amzn2.noarch

Kernel updates

Rebase kernel to upstream stable 4.14.238.

Amazon EFA Driver: Updated to tversion v1.12.1

CVEs fixed:

  • CVE-2021-32399 [bluetooth: eliminate the potential race condition when removing the HCI controller]

  • CVE-2021-33034 [Bluetooth: verify AMP hci_chan before amp_destroy]

  • CVE-2020-26558 [Bluetooth: SMP: Fails if remote and local public keys are identical]

  • CVE-2021-0129 [Bluetooth: SMP: Fails if remote and local public keys are identical]

  • CVE-2020-24586 [mac80211: Prevents mixed key and fragment cache attacks]

  • CVE-2020-24587 [mac80211: Prevents mixed key and fragment cache attacks]

  • CVE-2020-24588 [cfg80211: Mitigates A-MSDU aggregation attacks]

  • CVE-2020-26139 [mac80211: Doesn't accept/forward invalid EAPOL frames]

  • CVE-2020-26147 [mac80211: Makes sure that all fragments are encrypted]

  • CVE-2021-29650 [netfilter: x_tables: Uses correct memory barriers.]

  • CVE-2021-3564 [Bluetooth: Fixes the erroneous flush_work() order]

  • CVE-2021-3573 [Bluetooth: Uses correct lock tprevent UAF of hdev object]

  • CVE-2021-3587 [nfc: Fixes NULL ptr dereference in llcp_sock_getname() after failed connect]

  • CVE-2021-34693 [can: bcm: Fixes infoleak in struct bcm_msg_head]

  • CVE-2021-33624 [bpf: Inherits expanded/patched seen count from old aux data]

  • CVE-2021-33909 [seq_file: Doesn't allow extremely large seq buffer allocations]

Amazon Features and Backports:

  • arm64/kernel: Doesn't ban ADRP twork around Cortex-A53 erratum #843419

  • arm64/errata: Adds REVIDR handling tframework

  • arm64/kernel: Enables A53 erratum #8434319 handling at runtime

  • arm64: Fixes undefined reference t'printk'

  • arm64/kernel: Renames module_emit_adrp_veneer→module_emit_veneer_for_adrp

  • arm64/kernel: kaslr: Reduces module randomization range t4 GB

  • Revert "arm64: acpi/pci: invoke _DSM whether tpreserve firmware PCI setup"

  • PCI/ACPI: Evaluates PCI Boot Configuration _DSM

  • PCI: Doesn't auto-realloc if we're preserving firmware config

  • arm64: PCI: Allows resource reallocation if necessary

  • arm64: PCI: Preserved firmware configuration when desired

  • bpf: Fixes subprog verifier bypass by div/mod by 0 exception

  • bpf, x86_64: Removes obsolete exception handling from div/mod

  • bpf, arm64: Removes obsolete exception handling from div/mod

  • bpf, s390x: Removes obsolete exception handling from div/mod

  • bpf, ppc64: Removes obsolete exception handling from div/mod

  • bpf, sparc64: Removes obsolete exception handling from div/mod

  • bpf, mips64: Removes obsolete exception handling from div/mod

  • bpf, mips64: Removes unneeded zercheck from div/mod with k

  • bpf, arm: Removes obsolete exception handling from div/mod

  • bpf: Fixes 32 bit src register truncation on div/mod

  • bpf: Inherits expanded/patched seen count from old aux data

  • bpf: Doesn't mark insn as seen under speculative path verification

  • bpf: Fixes leakage under speculation on mispredicted branches

  • seq_file: Doesn't allow extremely large seq buffer allocations

On this page

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.