Updating the Linux Kernel on AL2023 - Amazon Linux 2023
Linux Kernel Versions on AL2023Updating AL2023 to a Newer Kernel VersionAL2023 kernels - Frequently Asked Questions
Services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the AWS European Sovereign Cloud Region, see the AWS European Sovereign Cloud User Guide.

Updating the Linux Kernel on AL2023

Linux Kernel Versions on AL2023

AL2023 regularly includes new kernel versions based on Long-Term Support (LTS) versions of the Linux kernel.

AL2023 was originally released in March 2023 with kernel 6.1.

In April 2025, AL2023 added support for Linux kernel 6.12. This kernel added new features including EEVDF scheduling, FUSE passthrough I/O support, a new Futex API, and improvements in eBPF. Kernel 6.12 also allows a userspace program to secure itself at runtime using user-space shadow stacks and memory sealing.

In March 2026, AL2023 added support for Linux kernel 6.18. The updated kernel 6.18 brings additional improvements in processor support, virtualization, security, and performance. Notable features include improved IOMMU capabilities across architectures and Attack Vector Controls for managing CPU vulnerability mitigations. Performance enhancements come through cryptography optimizations with faster FSCRYPT operations, memory management improvements, and the introduction of Sheaves as a new opt-in, per-CPU array-based caching layer.

Updating AL2023 to a Newer Kernel Version

Starting in June 2026, AL2023 will update the default kernel annually. The al2023-ami-kernel-default set of AMIs will be updated to the latest LTS kernel, so that newly launched instances will automatically come up with the new kernel version — this is the simplest way to stay current with the latest security fixes and performance improvements.

If you prefer to choose a specific kernel version, you can run AL2023 with kernel 6.12 or 6.18 either by selecting an AMI with the desired kernel pre-installed or by upgrading an existing AL2023 EC2 instance.

Running an AL2023 AMI with a specific kernel version

You may select to run an AL2023 AMI with a specific kernel pre-installed through the AWS Console or by querying SSM for specific parameters. The SSM keys to query start with /aws/service/ami-amazon-linux-latest/ followed by one of

For kernel 6.12

  • al2023-ami-kernel-6.12-arm64 for arm64 architecture

  • al2023-ami-minimal-kernel-6.12-arm64 for arm64 architecture (minimal AMI)

  • al2023-ami-kernel-6.12-x86_64 for x86_64 architecture

  • al2023-ami-minimal-kernel-6.12-x86_64 for x86_64 architecture (minimal AMI)

For kernel 6.18

  • al2023-ami-kernel-6.18-arm64 for arm64 architecture

  • al2023-ami-minimal-kernel-6.18-arm64 for arm64 architecture (minimal AMI)

  • al2023-ami-kernel-6.18-x86_64 for x86_64 architecture

  • al2023-ami-minimal-kernel-6.18-x86_64 for x86_64 architecture (minimal AMI)

Please see Launching AL2023 using the SSM parameter and AWS CLI for details on selecting AL2023 AMIs.

Updating an AL2023 instance to a newer kernel

You can in-place upgrade a running AL2023 instance to kernel 6.12 or 6.18 with the following steps:

  1. Detect current kernel and set target version:

    # Automatically detect current kernel version BEFORE upgrade
$ CURRENT_KERNEL=$(uname -r)
$ SOURCE_VERSION=""

$ if [[ $CURRENT_KERNEL == *"6.12"* ]]; then
    SOURCE_VERSION="6.12"
else
    SOURCE_VERSION=""
fi

# Save the source version to a persistent location for use after reboot
$ echo "${SOURCE_VERSION}" | sudo tee /var/lib/source_kernel_version > /dev/null
    # Set your target version (change this to your desired kernel: 6.12 or 6.18)
$ TARGET_VERSION="6.12"
    $ echo "Current kernel: ${SOURCE_VERSION:-6.1}"
$ echo "Upgrading to kernel ${TARGET_VERSION}"

  2. Install the target kernel package:

    $ sudo dnf install -y kernel${TARGET_VERSION}

  3. Get the latest version of the target kernel package:

    $ version=$(rpm -q --qf '%{version}-%{release}.%{arch}\n' kernel${TARGET_VERSION} | sort -V | tail -1)

  4. Make the new kernel your default kernel:

    $ sudo grubby --set-default "/boot/vmlinuz-$version"

  5. Reboot your system:

    $ sudo reboot

  6. Uninstall the previous kernel:

    # Read the source kernel version from the saved file
$ SOURCE_VERSION=$(sudo cat /var/lib/source_kernel_version)

# Uninstall the source kernel
$ sudo dnf remove -y kernel${SOURCE_VERSION}

  7. Replace extra kernel packages with their target kernel equivalents:

    # Set your target version (change this to your desired kernel: 6.12 or 6.18)
$ TARGET_VERSION="6.12"
    $ declare -A pkgs
$ pkgs=(
[bpftool${SOURCE_VERSION}]=bpftool${TARGET_VERSION}
[kernel${SOURCE_VERSION}-debuginfo]=kernel${TARGET_VERSION}-debuginfo
[kernel${SOURCE_VERSION}-debuginfo-common]=kernel${TARGET_VERSION}-debuginfo-common
[kernel${SOURCE_VERSION}-headers]=kernel${TARGET_VERSION}-headers
[kernel${SOURCE_VERSION}-libbpf]=kernel${TARGET_VERSION}-libbpf
[kernel${SOURCE_VERSION}-libbpf-devel]=kernel${TARGET_VERSION}-libbpf-devel
[kernel${SOURCE_VERSION}-libbpf-static]=kernel${TARGET_VERSION}-libbpf-static
[kernel${SOURCE_VERSION}-modules-extra-common]=kernel${TARGET_VERSION}-modules-extra-common
[kernel${SOURCE_VERSION}-tools]=kernel${TARGET_VERSION}-tools
[kernel${SOURCE_VERSION}-tools-devel]=kernel${TARGET_VERSION}-tools-devel
[perf${SOURCE_VERSION}]=perf${TARGET_VERSION}
[python3-perf${SOURCE_VERSION}]=python3-perf${TARGET_VERSION}
)
$ for pkg in "${!pkgs[@]}"; do 
  rpm -q $pkg && sudo dnf -y swap $pkg "${pkgs["$pkg"]}" ;
done

  8. (Optional) Uninstall kernel-devel for previous kernel version:

    $ rpm -q kernel${SOURCE_VERSION}-devel && sudo dnf remove -y kernel${SOURCE_VERSION}-devel

Downgrading to an earlier kernel version

If at any point in time you need to downgrade back to an earlier kernel version, use the following steps:

  1. Detect current kernel and set target version:

    # Automatically detect current kernel version BEFORE downgrade
$ CURRENT_KERNEL=$(uname -r)
$ SOURCE_VERSION=""

$ if [[ $CURRENT_KERNEL == *"6.12"* ]]; then
    SOURCE_VERSION="6.12"
elif [[ $CURRENT_KERNEL == *"6.18"* ]]; then
    SOURCE_VERSION="6.18"
fi

# Save the source version to a persistent location for use after reboot
$ echo "${SOURCE_VERSION}" | sudo tee /var/lib/source_kernel_version > /dev/null
    # Set your target version (change this to your desired kernel)
# Use "" for kernel 6.1, "6.12" for kernel 6.12
$ TARGET_VERSION=""
    $ echo "Downgrading from kernel ${SOURCE_VERSION:-6.1} to kernel ${TARGET_VERSION:-6.1}"

  2. Replace extra kernel packages with their target kernel equivalents:

    $ declare -A pkgs
$ pkgs=(
[bpftool${TARGET_VERSION}]=bpftool${SOURCE_VERSION}
[kernel${TARGET_VERSION}-debuginfo]=kernel${SOURCE_VERSION}-debuginfo
[kernel${TARGET_VERSION}-debuginfo-common]=kernel${SOURCE_VERSION}-debuginfo-common
[kernel${TARGET_VERSION}-headers]=kernel${SOURCE_VERSION}-headers
[kernel${TARGET_VERSION}-libbpf]=kernel${SOURCE_VERSION}-libbpf
[kernel${TARGET_VERSION}-libbpf-devel]=kernel${SOURCE_VERSION}-libbpf-devel
[kernel${TARGET_VERSION}-libbpf-static]=kernel${SOURCE_VERSION}-libbpf-static
[kernel${TARGET_VERSION}-modules-extra-common]=kernel${SOURCE_VERSION}-modules-extra-common
[kernel${TARGET_VERSION}-tools]=kernel${SOURCE_VERSION}-tools
[kernel${TARGET_VERSION}-tools-devel]=kernel${SOURCE_VERSION}-tools-devel
[perf${TARGET_VERSION}]=perf${SOURCE_VERSION}
[python3-perf${TARGET_VERSION}]=python3-perf${SOURCE_VERSION}
)
$ for pkg in "${!pkgs[@]}"; do 
  rpm -q "${pkgs["$pkg"]}" && sudo dnf -y swap "${pkgs["$pkg"]}" $pkg ;
done

  3. Install the target kernel package:

    $ sudo dnf install -y kernel${TARGET_VERSION}

  4. Get the latest version of the target kernel package:

    $ version=$(rpm -q --qf '%{version}-%{release}.%{arch}\n' kernel${TARGET_VERSION} | sort -V | tail -1)

  5. Make the target kernel your default kernel:

    $ sudo grubby --set-default "/boot/vmlinuz-$version"

  6. Reboot your system:

    $ sudo reboot

  7. Uninstall the source kernel:

    # Read the source kernel version from the saved file
$ SOURCE_VERSION=$(sudo cat /var/lib/source_kernel_version)

# Uninstall the source kernel
$ sudo dnf remove -y kernel${SOURCE_VERSION}

AL2023 kernels - Frequently Asked Questions

1. Do I need to reboot after a kernel update?

Every change to the running kernel requires a reboot.

2. How do I keep kernels up-to-date across multiple instances?

Amazon Linux does not provide facilities to manage fleets of instances. We recommend you patch large fleets using tools like AWS Systems Manager.

3. How do I check which kernel version I am running right now?

Execute this command on your AL2023 instance:

$ uname -r

4. Which kernel does AL2023 recommend me to use?

It is recommended to upgrade to latest AL2023 kernel 6.18 while all the other AL2023 kernels are still supported. Customers are recommended to test their workloads before they upgrade.

5. Will my existing applications work with any AL2023 kernel?

AL2023 supports a newer kernel (6.12 or 6.18) the same way as kernel 6.1. Applications will work and improvements are happening under the hood. Customers should in any case test their specific workloads before switching to a newer kernel.

6. How do I install kernel headers, development packages, and extra modules for kernel 6.12 or 6.18?

Please run:

$ version=$(uname -r | grep -oP '^\d+\.\d+')
$ sudo dnf install -y kernel${version}-modules-extra-$(uname -r) kernel${version}-headers-$(uname -r) kernel${version}-devel-$(uname -r)

7. How long kernel 6.12 and 6.18 will be supported?

Kernel 6.12 and 6.18 will be supported until the planned end of life of Amazon Linux 2023, which is 2029-06-30.