AWS AL2 medium security documentation change
Summary
Removed kernel update notice and added known issue about runc tmpfs permissions causing container launch issues (fixed in later version)
Security assessment
The added known issue describes a security-relevant configuration problem (incorrect tmpfs permissions in runc) that could lead to container vulnerabilities, which was explicitly addressed in a security update
Diff
diff --git a/AL2/latest/relnotes/relnotes-20251105.md b/AL2/latest/relnotes/relnotes-20251105.md index 2fe38a2d3..ef590def9 100644 --- a//AL2/latest/relnotes/relnotes-20251105.md +++ b//AL2/latest/relnotes/relnotes-20251105.md @@ -40,4 +39,0 @@ These are the release notes for Amazon Linux 2 version 2.0.20251105.0. - * **On 2026-01-20, Amazon Linux will update its default kernel from 4.14 to 5.10 for the Amazon Linux 2 base AMI (`amzn2-ami-hvm-x86_64-gp2` and `amzn2-ami-hvm-arm64-gp2`), reflecting our long-standing recommendation that all AL2 customers use kernel 5.10 as their default** - - * **This means that customers launching new EC2 instances using these standard AMI names will automatically receive kernel 5.10, benefiting from enhanced performance, security improvements, and better hardware support without requiring any explicit action.** - @@ -79,0 +76,7 @@ This release of Amazon Linux 2 includes the latest security updates. +###### Known Issues + + * A change introduced in `runc-1.3.2-2.amzn2` that changed the default tmpfs directory permissions may cause issues when launching containers. This issue has been addressed in `runc-1.3.3-2.amzn2` released in Amazon Linux 2 version `2.0.20251110`. + + + + @@ -137 +140 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -Release notes for 2025 +2.0.20251110