CODEWITHSUNDEEP
amazon-web-servicesyumamazon-linux-2
DrkStr
DrkStr

Reputation: 1932

Unable to update kernel in Amazon Linux 2 as per Security Advisory: ALAS-2021-1719

I am trying to update the kernel of an Amazon EC2 instance running Amazon Linux 2 as per Security Advisory: ALAS-2021-1719. (https://alas.aws.amazon.com/AL2/ALAS-2021-1719.html)

Trouble is when I run yum update kernel I get a message that says No packages marked for update. I have checked the kernel package version I have installed using yum list installed and I am still on 4.14.238-182.422 when I need to be on 4.14.252-195.481 as per the advisory.

Why is yum update kernel not downloading and installing the latest version?

Upvotes: 1

Views: 6149

Answers (2)

Mai Elshiashi
Mai Elshiashi

Reputation: 371

You can use the amazon-linux-extras repository to upgrade the kernel

First, run this command to get all available kernel versions sudo amazon-linux-extras |grep kernel

you will see a response similar to this

  _  kernel-5.4               available    [ =stable ]
 55  kernel-5.10=latest       enabled      [ =stable ]
 62  kernel-5.15              available    [ =stable ]

the kernel version marked as enabled is the one installed on your machine

To upgrade to the newer version (for example, to upgrade to kernel-5.15), run this command sudo amazon-linux-extras install kernel-5.15 -y

Now, you need to reboot the server with sudo reboot

After rebooting, run the command uname -r to see the kernel version installed. It should be the same version that you chose above.

for more information, please refer to this link

Upvotes: 1

KayD
KayD

Reputation: 826

You can try to clean the cache first using

yum clean all

then you should update the kernel

yum update

Your repositories may not be correct.

To define a new repository, you can either add a [repository] section to the /etc/yum.conf file, or to a .repo file in the /etc/yum.repos.d/ directory. All files with the .repo file extension in this directory are read by yum, and it is recommended to define your repositories here instead of in /etc/yum.conf

The "yum repolist" command can be used to list installed and enabled repositories.

yum repolist

You should check your network firewall, Security group, subnets...

  • Make sure that security group is whitelisted all inbound and outbound.
  • Public subnets:
    • Make sure the route table for the public subnet is associated with this subnet
    • Route 0.0.0.0/0 pointing to internet gateway.
  • Private subnets:
    • Created a NAT Gateway in a Public subnet.
    • Make sure the route table has a route 0.0.0.0/0 pointing to NAT

Upvotes: 1

Related Questions