All articles tagged with #kernel
Intel is adding USB4STREAM to Linux 7.2 that lets two hosts swap raw data directly over a USB4/Thunderbolt cable via /dev/tbstreamX, bypassing the networking stack. The feature, implemented in the thunderbolt_stream driver and configurable via ConfigFS, supports multiple bidirectional streams and enables use cases like host backups, peripheral sharing, and initramfs-based recovery without network tooling.
Linux is moving to retire the outdated DTLK ISA speech-synthesizer driver (Double Talk) as part of the 7.2 kernel cycle. The driver hasn’t seen meaningful work in years, and the same hardware is supported by a separate accessibility path (Speakup), making the legacy driver largely unused. The commit argues removing it will reduce future maintenance, noting RC Systems’ DoubleTalk page remains outdated and the hardware should be retired with Linux 7.2.
Linux 7.1-rc5 launches with AI-assisted fixes across graphics, security, sound, and various drivers, plus improved HP/ASUS laptop x86 support and CPU power driver updates; Linus Torvalds criticizes the unusually large rc5 for late-cycle churn and hints that non-critical fixes may belong in linux-next, with a mid-June target for the stable 7.1 release.
Linus Torvalds cautions that AI-assisted bug reporting in the Linux kernel is valuable only if it actually helps; the current flood of AI-generated security reports duplicates existing findings and creates pointless churn, so responsible AI use is urged and reporters are encouraged to contribute real value like patches rather than drive-by reports.
Linux 7.1-rc4 fixes Intel/AMD laptop quirks, adds a microphone fix for Framework Laptop 13 Pro, enables HID++ keyboard support, and provides an option to disable CET virtualization in KVM; it also includes security patches (notably ssh-keysign-pwn) and new docs clarifying what counts as a security bug and how to handle AI responsibly in kernel development, with the stable 7.1 expected by mid-June.
A Linux kernel vulnerability named ssh-keysign-pwn allowed unprivileged users to read root-owned files; a mainline patch adjusting ptrace behavior has been released to fix all affected kernel releases.
AI-assisted disclosure reveals Fragnesia, the third major Linux kernel local root vulnerability in two weeks, which lets an unprivileged user corrupt the kernel page cache via ESP-in-TCP and escalate to root; a PoC exists and Red Hat assigns a CVSS of 7.8. Upstream patches are available but not yet in distros as of May 13, and mitigations include disabling esp4/esp6/rxrpc or constraining user namespaces—though these can break IPsec or rootless containers. Patches are expected soon (around May 14) as AI bug detection accelerates the discovery of new flaws.
A high-severity Linux kernel local privilege-escalation flaw, Fragnasia (CVE-2026-46300), lets an unprivileged attacker write to the kernel page cache via the XFRM ESP-in-TCP subsystem to gain root; patches are rolling out for all affected kernels, and a PoC exists. Mitigations include removing vulnerable modules esp4, esp6, and rxrpc with modprobe.d, though this can disrupt AFS and IPsec VPNs. The bug is part of the Dirty Frag family; CISA has also flagged Copy Fail as actively exploited in the wild.
Linux is hit by a second major kernel vulnerability in weeks, dubbed Dirty Frag, which chains two flaws to allow untrusted users to gain root access by manipulating page caches. Patches are rolling out from Debian, AlmaLinux, and Fedora, but many distributions haven’t yet applied fixes and a reboot may be required. The exploits target esp4/esp6 and rxrpc paths, with public PoCs and signs of limited in-the-wild activity. Administrators should apply patches and mitigations promptly, especially in shared environments or virtual machines, to prevent potential root compromise.
At the LSFMM summit, Jens Axboe unveiled PoC patches that pre-map buffers and attach a ready-to-use bio to registered buffers, allowing O_DIRECT to submit bios directly and reducing hot-path IO overhead for IO_uring, NVMe, and block code, achieving about a 60% per-core I/O performance uplift; the work is in the io_uring-io-slots branch with potential upstreaming into the mainline kernel.
A new Rust-based tool named Kconfirm is being developed to detect misuses and issues in the Linux kernel's Kconfig configuration system, including dead code, constant conditions, and invalid ranges, as well as dead links in help text. It has already helped surface problems like hundreds of duplicate dependencies in Linux 7.0, and, as of 7.1-rc2, raises alarms under its default checks (489 or 1,789 with extra checks) while patches for mainline consideration (RFC v2) are circulating on the Linux kernel mailing list.
A new Linux local privilege escalation called Dirty Frag chains two kernel page-cache write flaws (xfrm-ESP and RxRPC) to gain root on most major distributions; a PoC and full documentation were released after an embargo was breached. Patches are not yet available; mitigations involve disabling esp4, esp6, and rxrpc modules (which breaks IPsec VPNs). CVEs are CVE-2026-43284 and CVE-2026-43500; CISA warns about similar risks and urges patching and mitigation where possible.
A Linux local privilege escalation named 'Dirty Frag' was publicly disclosed early, enabling local users to obtain root by exploiting decryption fast paths in the esp4, esp6, and rxrpc kernel code; with no CVEs or patches yet due to the embargo break, a workaround exists to disable the affected modules via: sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"; Alma Linux has released early patches for testing, and oss-security has more details; this situation means risk on most major distros until patches are issued.
Linux 7.1-rc2 brings an upstream AMD ASoC/ACP fix paired with a Steam Deck OLED-specific DMI quirk, restoring audio that has been broken on the OLED model for about two years; Valve’s SteamOS patch was carried downstream, and the fixes are now landing upstream with potential backports to stable.
Security researchers disclosed Copy Fail (CVE-2026-31431), a Linux local privilege-escalation flaw in the algif_aead kernel module that lets an unprivileged user corrupt a page cache and elevate to root across major distributions since 2017. The issue is portable, cross-container, and can be triggered with a small Python script, prompting advisories from major distros. Exploitation is local (not remote) but remains highly dangerous due to its ease and wide impact.