# Amazon Linux 2 version 2.0.20211223.0 release notes
<a name="relnotes-20211223"></a>

These are the release notes for Amazon Linux 2 version 2.0.20211223.0.

## Major updates
<a name="major-updates-20211223"></a>

None.

## Package updates
<a name="package-updates-20211223"></a>

Amazon Linux 2 includes the following packages.


| Updated packages | 
| --- | 
| curl-7.79.1-1.amzn2.0.1.aarch64 | 
| curl-7.79.1-1.amzn2.0.1.x86\_64 | 
| kernel-4.14.256-197.484.amzn2.aarch64 | 
| kernel-4.14.256-197.484.amzn2.x86\_64 | 
| kernel-5.10.82-83.359.amzn2.aarch64 | 
| kernel-5.10.82-83.359.amzn2.x86\_64 | 
| kernel-devel-4.14.256-197.484.amzn2.x86\_64 | 
| kernel-headers-4.14.256-197.484.amzn2.x86\_64 | 
| kernel-tools-4.14.256-197.484.amzn2.aarch64 | 
| kernel-tools-4.14.256-197.484.amzn2.x86\_64 | 
| kernel-tools-5.10.82-83.359.amzn2.aarch64 | 
| kernel-tools-5.10.82-83.359.amzn2.x86\_64 | 
| kpatch-runtime-0.9.4-3.amzn2.noarch | 
| libcurl-7.79.1-1.amzn2.0.1.aarch64 | 
| libcurl-7.79.1-1.amzn2.0.1.x86\_64 | 
| nspr-4.32.0-1.amzn2.0.1.aarch64 | 
| nspr-4.32.0-1.amzn2.0.1.x86\_64 | 
| nss-3.67.0-4.amzn2.0.2.aarch64 | 
| nss-3.67.0-4.amzn2.0.2.x86\_64 | 
| nss-softokn-3.67.0-3.amzn2.0.1.aarch64 | 
| nss-softokn-3.67.0-3.amzn2.0.1.x86\_64 | 
| nss-softokn-freebl-3.67.0-3.amzn2.0.1.aarch64 | 
| nss-softokn-freebl-3.67.0-3.amzn2.0.1.x86\_64 | 
| nss-sysinit-3.67.0-4.amzn2.0.2.aarch64 | 
| nss-sysinit-3.67.0-4.amzn2.0.2.x86\_64 | 
| nss-tools-3.67.0-4.amzn2.0.2.aarch64 | 
| nss-tools-3.67.0-4.amzn2.0.2.x86\_64 | 
| nss-util-3.67.0-1.amzn2.0.1.aarch64 | 
| nss-util-3.67.0-1.amzn2.0.1.x86\_64 | 
| vim-common-8.2.3642-1.amzn2.0.1.aarch64 | 
| vim-common-8.2.3642-1.amzn2.0.1.x86\_64 | 
| vim-enhanced-8.2.3642-1.amzn2.0.1.aarch64 | 
| vim-enhanced-8.2.3642-1.amzn2.0.1.x86\_64 | 
| vim-filesystem-8.2.3642-1.amzn2.0.1.noarch | 
| vim-minimal-8.2.3642-1.amzn2.0.1.aarch64 | 
| vim-minimal-8.2.3642-1.amzn2.0.1.x86\_64 | 

## Kernel updates
<a name="kernel-updates-20211223"></a>

Rebase kernel to upstream stable 4.14.256.

CVEs fixed:
+ CVE-2021-4002 [hugetlbfs: flush TLBs correctly after huge\_pmd\_unshare]
+ CVE-2021-3640 [Bluetooth: sco: Fix lock\_sock() blockage by memcpy\_from\_msg()]
+ CVE-2021-3752 [Bluetooth: fix use-after-free error in lock\_sock\_nested()]
+ CVE-2021-3772 [sctp: use init\_tag from inithdr for ABORT chunk]

Amazon EFA Driver: update to version v1.14.1

Amazon Features and Backports:
+ Revert "PCI/MSI: Enforce that MSI-X table entry is masked for update"

Other Fixes:
+ ARM: dts: at91: sama5d2\_som1\_ek: disable ISC node by default
+ NFSD: Keep existing listeners on portlist error
+ vfs: check fd has read access in kernel\_read\_file\_from\_fd()
+ ARM: dts: spear3xx: Fix gmac node
+ platform/x86: intel\_scu\_ipc: Update timeout value in comment
+ net: mdiobus: Fix memory leak in mdiobus\_register
+ tracing: Have all levels of checks prevent recursion