# Amazon Linux 2 version 2.0.20211223.0 release notes
<a name="relnotes-20211223"></a>

These are the release notes for Amazon Linux 2 version 2.0.20211223.0.

## Major updates
<a name="major-updates-20211223"></a>

None.

## Package updates
<a name="package-updates-20211223"></a>

Amazon Linux 2 includes the following packages.


| Updated packages | 
| --- | 
|  curl-7.79.1-1.amzn2.0.1.aarch64  | 
|  curl-7.79.1-1.amzn2.0.1.x86\$164  | 
|  kernel-4.14.256-197.484.amzn2.aarch64  | 
|  kernel-4.14.256-197.484.amzn2.x86\$164  | 
|  kernel-5.10.82-83.359.amzn2.aarch64  | 
|  kernel-5.10.82-83.359.amzn2.x86\$164  | 
|  kernel-devel-4.14.256-197.484.amzn2.x86\$164  | 
|  kernel-headers-4.14.256-197.484.amzn2.x86\$164  | 
|  kernel-tools-4.14.256-197.484.amzn2.aarch64  | 
|  kernel-tools-4.14.256-197.484.amzn2.x86\$164  | 
|  kernel-tools-5.10.82-83.359.amzn2.aarch64  | 
|  kernel-tools-5.10.82-83.359.amzn2.x86\$164  | 
|  kpatch-runtime-0.9.4-3.amzn2.noarch  | 
|  libcurl-7.79.1-1.amzn2.0.1.aarch64  | 
|  libcurl-7.79.1-1.amzn2.0.1.x86\$164  | 
|  nspr-4.32.0-1.amzn2.0.1.aarch64  | 
|  nspr-4.32.0-1.amzn2.0.1.x86\$164  | 
|  nss-3.67.0-4.amzn2.0.2.aarch64  | 
|  nss-3.67.0-4.amzn2.0.2.x86\$164  | 
|  nss-softokn-3.67.0-3.amzn2.0.1.aarch64  | 
|  nss-softokn-3.67.0-3.amzn2.0.1.x86\$164  | 
|  nss-softokn-freebl-3.67.0-3.amzn2.0.1.aarch64  | 
|  nss-softokn-freebl-3.67.0-3.amzn2.0.1.x86\$164  | 
|  nss-sysinit-3.67.0-4.amzn2.0.2.aarch64  | 
|  nss-sysinit-3.67.0-4.amzn2.0.2.x86\$164  | 
|  nss-tools-3.67.0-4.amzn2.0.2.aarch64  | 
|  nss-tools-3.67.0-4.amzn2.0.2.x86\$164  | 
|  nss-util-3.67.0-1.amzn2.0.1.aarch64  | 
|  nss-util-3.67.0-1.amzn2.0.1.x86\$164  | 
|  vim-common-8.2.3642-1.amzn2.0.1.aarch64  | 
|  vim-common-8.2.3642-1.amzn2.0.1.x86\$164  | 
|  vim-enhanced-8.2.3642-1.amzn2.0.1.aarch64  | 
|  vim-enhanced-8.2.3642-1.amzn2.0.1.x86\$164  | 
|  vim-filesystem-8.2.3642-1.amzn2.0.1.noarch  | 
|  vim-minimal-8.2.3642-1.amzn2.0.1.aarch64  | 
|  vim-minimal-8.2.3642-1.amzn2.0.1.x86\$164  | 

## Kernel updates
<a name="kernel-updates-20211223"></a>

Rebase kernel to upstream stable 4.14.256.

CVEs fixed:
+ CVE-2021-4002 [hugetlbfs: flush TLBs correctly after huge\$1pmd\$1unshare]
+ CVE-2021-3640 [Bluetooth: sco: Fix lock\$1sock() blockage by memcpy\$1from\$1msg()]
+ CVE-2021-3752 [Bluetooth: fix use-after-free error in lock\$1sock\$1nested()]
+ CVE-2021-3772 [sctp: use init\$1tag from inithdr for ABORT chunk]

Amazon EFA Driver: update to version v1.14.1

Amazon Features and Backports:
+ Revert "PCI/MSI: Enforce that MSI-X table entry is masked for update"

Other Fixes:
+ ARM: dts: at91: sama5d2\$1som1\$1ek: disable ISC node by default
+ NFSD: Keep existing listeners on portlist error
+ vfs: check fd has read access in kernel\$1read\$1file\$1from\$1fd()
+ ARM: dts: spear3xx: Fix gmac node
+ platform/x86: intel\$1scu\$1ipc: Update timeout value in comment
+ net: mdiobus: Fix memory leak in mdiobus\$1register
+ tracing: Have all levels of checks prevent recursion