Thank you for reaching out to AWS re:Post. I understand you want documentation on a specific CVE (CVE-2021-28041).
From my investigation there are no AWS documentations on CVE-2021-28041. CVE-2021-28041 does not affect OpenSSH on Amazon Linux 2. The bug was introduced in OpenSSH 8.2 and since it has not been backported it would not affect earlier versions.
Unfortunately, there are no details on this particular CVE as of now. For further details on Amazon Linux 2 security and privacy events you can refer to the Amazon Linux Security Center . Unfortunately, you would not be able to find any details regarding to your CVE here since it doesn’t pertain to Amazon Linux 2.
Please contact if you have any further questions, and feel free to reach out to us via a support case to facilitate a discussion on the specifics of your resources.
 Amazon Linux Security - https://alas.aws.amazon.com/
Linux 2 OpenSSH Failing Vulnerability Scanasked 2 months ago
Is there antivirus software recommended to install AWS Linux 2 system?asked 3 months ago
Amazon Linux 2022 ECR Basic Scanasked 14 days ago
awscli in Amazon Linux 2 is outdated and does not support the new Glacier Instant Retrieval (GLACIER_IR)asked 5 months ago
OpenSSH Last version in Amazon Linux 2asked a year ago
Amazon Linux 2 Apache package version updateasked 8 months ago
Beanstalk node.js amazon linux 2 running on nginx 1.20.0 which has critical vulnerability CVE-2021-23017asked 6 months ago
Before the amazon linux 2 kernel patch release, can I download it in advance?asked 4 months ago
Amazon Linux 2 - How can I know if a CVE has been patched?asked 6 days ago
Is AWS Linux / Linux 2 vulnerable to CVE-2021-4034?asked 7 months ago