Tag

Kernel

All articles tagged with #kernel

Long-standing Linux kernel flaw lets guest VMs break out to hosts on Intel and AMD
technology2 days ago

Long-standing Linux kernel flaw lets guest VMs break out to hosts on Intel and AMD

Hyunwoo Kim disclosed CVE-2026-53359, a 16-year-old Linux kernel use-after-free in KVM/x86 shadow MMU that enables guest-to-host VM escape on both Intel and AMD CPUs. A successful exploit can grant root on the host and potentially take over all VMs on a multi-tenant machine or crash the host kernel; patch 81ccda30b4e8 was applied in June 2026. Administrators should ensure patched kernels on KVM/x86 hosts, especially in cloud environments, as the risk is real for Google Cloud and AWS users. A PoC and write-up exist, though full public exploitation is not released yet, and attackers could chain with other flaws like Dirty Frag.

technology19 days ago

Gemini AI Speeds Up Linux Boot on ASUS ROG Strix G16 G614

An AI-assisted kernel patch (via Google Gemini 3.5) shortens a 30+ second Linux boot on the ASUS ROG Strix G16 G614 by working around a firmware quirk that asserts a GPIO line at startup; the patch is expected to be upstreamed for systems without updated BIOS, while ASUS/AMD pursue a proper firmware fix, with discussions noting the root cause may involve ACPI/graphics-related GPIO behavior rather than the touchpad alone.

technology1 month ago

Intel's USB4STREAM Turns Thunderbolt Into a Direct Linux Data Channel

Intel is adding USB4STREAM to Linux 7.2 that lets two hosts swap raw data directly over a USB4/Thunderbolt cable via /dev/tbstreamX, bypassing the networking stack. The feature, implemented in the thunderbolt_stream driver and configurable via ConfigFS, supports multiple bidirectional streams and enables use cases like host backups, peripheral sharing, and initramfs-based recovery without network tooling.

technology1 month ago

Linux Set to Axe Obsolete ISA DoubleTalk Driver in 7.2

Linux is moving to retire the outdated DTLK ISA speech-synthesizer driver (Double Talk) as part of the 7.2 kernel cycle. The driver hasn’t seen meaningful work in years, and the same hardware is supported by a separate accessibility path (Speakup), making the legacy driver largely unused. The commit argues removing it will reduce future maintenance, noting RC Systems’ DoubleTalk page remains outdated and the hardware should be retired with Linux 7.2.

technology1 month ago

Linux 7.1-rc5 Arrives with AI-Powered Kernel Fixes and Late-Cycle Churn Caution

Linux 7.1-rc5 launches with AI-assisted fixes across graphics, security, sound, and various drivers, plus improved HP/ASUS laptop x86 support and CPU power driver updates; Linus Torvalds criticizes the unusually large rc5 for late-cycle churn and hints that non-critical fixes may belong in linux-next, with a mid-June target for the stable 7.1 release.

technology1 month ago

Linux 7.1-rc4 Brings Fixes, Hardware Tweaks, and New Security/AI Documentation

Linux 7.1-rc4 fixes Intel/AMD laptop quirks, adds a microphone fix for Framework Laptop 13 Pro, enables HID++ keyboard support, and provides an option to disable CET virtualization in KVM; it also includes security patches (notably ssh-keysign-pwn) and new docs clarifying what counts as a security bug and how to handle AI responsibly in kernel development, with the stable 7.1 expected by mid-June.

AI-Discovered Fragnesia: a new Linux kernel flaw that could grant root access
security1 month ago

AI-Discovered Fragnesia: a new Linux kernel flaw that could grant root access

AI-assisted disclosure reveals Fragnesia, the third major Linux kernel local root vulnerability in two weeks, which lets an unprivileged user corrupt the kernel page cache via ESP-in-TCP and escalate to root; a PoC exists and Red Hat assigns a CVSS of 7.8. Upstream patches are available but not yet in distros as of May 13, and mitigations include disabling esp4/esp6/rxrpc or constraining user namespaces—though these can break IPsec or rootless containers. Patches are expected soon (around May 14) as AI bug detection accelerates the discovery of new flaws.

Fragnasia flaw could grant root on many Linux kernels
security1 month ago

Fragnasia flaw could grant root on many Linux kernels

A high-severity Linux kernel local privilege-escalation flaw, Fragnasia (CVE-2026-46300), lets an unprivileged attacker write to the kernel page cache via the XFRM ESP-in-TCP subsystem to gain root; patches are rolling out for all affected kernels, and a PoC exists. Mitigations include removing vulnerable modules esp4, esp6, and rxrpc with modprobe.d, though this can disrupt AFS and IPsec VPNs. The bug is part of the Dirty Frag family; CISA has also flagged Copy Fail as actively exploited in the wild.

Linux Faces Second Major Kernel Flaw in Weeks: Dirty Frag Escalates Root Access Risk
security2 months ago

Linux Faces Second Major Kernel Flaw in Weeks: Dirty Frag Escalates Root Access Risk

Linux is hit by a second major kernel vulnerability in weeks, dubbed Dirty Frag, which chains two flaws to allow untrusted users to gain root access by manipulating page caches. Patches are rolling out from Debian, AlmaLinux, and Fedora, but many distributions haven’t yet applied fixes and a reboot may be required. The exploits target esp4/esp6 and rxrpc paths, with public PoCs and signs of limited in-the-wild activity. Administrators should apply patches and mitigations promptly, especially in shared environments or virtual machines, to prevent potential root compromise.