Amazon Linux 2 version 2.0.20211223.0 release notes - Amazon Linux 2

Amazon Linux 2 version 2.0.20211223.0 release notes

These are the release notes for Amazon Linux 2 version 2.0.20211223.0.

Major updates

None.

Package updates

Amazon Linux 2 includes the following packages.

Updated packages

curl-7.79.1-1.amzn2.0.1.aarch64

curl-7.79.1-1.amzn2.0.1.x86_64

kernel-4.14.256-197.484.amzn2.aarch64

kernel-4.14.256-197.484.amzn2.x86_64

kernel-5.10.82-83.359.amzn2.aarch64

kernel-5.10.82-83.359.amzn2.x86_64

kernel-devel-4.14.256-197.484.amzn2.x86_64

kernel-headers-4.14.256-197.484.amzn2.x86_64

kernel-tools-4.14.256-197.484.amzn2.aarch64

kernel-tools-4.14.256-197.484.amzn2.x86_64

kernel-tools-5.10.82-83.359.amzn2.aarch64

kernel-tools-5.10.82-83.359.amzn2.x86_64

kpatch-runtime-0.9.4-3.amzn2.noarch

libcurl-7.79.1-1.amzn2.0.1.aarch64

libcurl-7.79.1-1.amzn2.0.1.x86_64

nspr-4.32.0-1.amzn2.0.1.aarch64

nspr-4.32.0-1.amzn2.0.1.x86_64

nss-3.67.0-4.amzn2.0.2.aarch64

nss-3.67.0-4.amzn2.0.2.x86_64

nss-softokn-3.67.0-3.amzn2.0.1.aarch64

nss-softokn-3.67.0-3.amzn2.0.1.x86_64

nss-softokn-freebl-3.67.0-3.amzn2.0.1.aarch64

nss-softokn-freebl-3.67.0-3.amzn2.0.1.x86_64

nss-sysinit-3.67.0-4.amzn2.0.2.aarch64

nss-sysinit-3.67.0-4.amzn2.0.2.x86_64

nss-tools-3.67.0-4.amzn2.0.2.aarch64

nss-tools-3.67.0-4.amzn2.0.2.x86_64

nss-util-3.67.0-1.amzn2.0.1.aarch64

nss-util-3.67.0-1.amzn2.0.1.x86_64

vim-common-8.2.3642-1.amzn2.0.1.aarch64

vim-common-8.2.3642-1.amzn2.0.1.x86_64

vim-enhanced-8.2.3642-1.amzn2.0.1.aarch64

vim-enhanced-8.2.3642-1.amzn2.0.1.x86_64

vim-filesystem-8.2.3642-1.amzn2.0.1.noarch

vim-minimal-8.2.3642-1.amzn2.0.1.aarch64

vim-minimal-8.2.3642-1.amzn2.0.1.x86_64

Kernel updates

Rebase kernel to upstream stable 4.14.256.

CVEs fixed:

  • CVE-2021-4002 [hugetlbfs: flush TLBs correctly after huge_pmd_unshare]

  • CVE-2021-3640 [Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()]

  • CVE-2021-3752 [Bluetooth: fix use-after-free error in lock_sock_nested()]

  • CVE-2021-3772 [sctp: use init_tag from inithdr for ABORT chunk]

Amazon EFA Driver: update to version v1.14.1

Amazon Features and Backports:

  • Revert "PCI/MSI: Enforce that MSI-X table entry is masked for update"

Other Fixes:

  • ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default

  • NFSD: Keep existing listeners on portlist error

  • vfs: check fd has read access in kernel_read_file_from_fd()

  • ARM: dts: spear3xx: Fix gmac node

  • platform/x86: intel_scu_ipc: Update timeout value in comment

  • net: mdiobus: Fix memory leak in mdiobus_register

  • tracing: Have all levels of checks prevent recursion