AWS Security ChangesHomeSearch

AWS res high security documentation change

Service: res · 2026-06-22 · Security-related high

File: res/latest/ug/revisions.md

Summary

Added June 2026 release notes documenting security vulnerability fixes, enhancements, and bug fixes

Security assessment

Explicitly documents two security fixes: 1) Arbitrary file read vulnerability via symlink handling exploit 2) Linux kernel privilege escalation vulnerability in AMIs. These are concrete security vulnerabilities addressed in the release.

Diff

diff --git a/res/latest/ug/revisions.md b/res/latest/ug/revisions.md
index 6c83b1cf9..f7d6e8089 100644
--- a//res/latest/ug/revisions.md
+++ b//res/latest/ug/revisions.md
@@ -12,0 +13,18 @@ Date | Change
+June 2026 | 
+
+  * Release version 2026.06 Security fixes
+    * Fixed a security vulnerability where an authenticated user could exploit symlink handling in the File System API on the cluster manager host to read arbitrary files.
+Enhancements
+    * Replaced DCV broker infrastructure host with serverless Lambda-based session management, reducing infrastructure overhead and improving scalability.
+    * Included QUIC, default schedule, and other cluster settings in snapshot restore functionality.
+Changes
+    * Continued migration of VDC-related APIs from the VDC infra host to the backend Lambda.
+Bug fixes
+    * Fixed "Create Software Stack from Session" workflow failing due to stale AD credentials, missing IAM permissions, and incompatible EC2Launch version on Windows.
+    * Fixed Ubuntu VDI login failure caused by SSSD configuration parsing error with special characters in home directory paths.
+    * Fixed list project owners and members in the user drop-down when sharing a Virtual Desktop.
+    * Fixed VDI login failures on RHEL8, RHEL9, Ubuntu 22.04, and Ubuntu 24.04 caused by amazon-efs-utils build incompatibility preventing EFS /home directory mounting.
+    * Fixed IAM policies not appearing in "add policies" dropdown when account has more than 1000 policies.
+    * Updated default AMIs across all supported OS types and regions, resolving Linux kernel local privilege escalation vulnerability.
+
+