Linus Torvalds does not enjoy giving talks, but he does consent to
the occasional on-stage conversation with Dirk Hohndel at Linux
Foundation events. The pair held the 30th of their fire-less fireside
chats during a keynote session on May 20, at the 2026 Open
Source Summit North America. Topics incl…
Security updates have been issued by Debian (atril, evince, gnutls28, haproxy, haveged, jq, kernel, krb5, libgcrypt20, nodejs, and thunderbird), Fedora (aw-server-rust, awatcher, bind, bind-dyndb-ldap, chromium, composer, docker-buildkit, docker-buildx, dotnet10.0, dotnet8.0, dotnet9.0, evince, fire…
Joshua Hahn began his session in the memory-management track of the 2026 Linux Storage,
Filesystem, Memory Management, and BPF Summit by saying that the memory
controller for control groups is intended to provide resource allocation,
accounting, and protection from interference by other tasks. But
…
The Software Freedom Conservancy (SFC)
published a news
item on May 18 about its response to violations of the AGPLv3 by Bambu
Lab in its 3D printers. The company has not provided the source code to
its modifications to a 3D "slicer" program that was released under the
AGPLv3 and it has also threat…
The 7.1-rc5 kernel prepatch is out for
testing. Quoth Linus:
I'm not entirely happy about it - most of this is totally trivial
stuff to random drivers, which obviously makes it all less scary,
but at the same time I'm really not convinced the churn is worth it
at rc5 time. These things are "f…
The 7.0.10,
6.18.33,
6.12.91,
6.6.141,
6.1.174,
5.15.208, and
5.10.257
stable kernel updates have all been released. The first four are huge
(the 7.0.10
review version had 1,146 commits) while 6.1.174, 5.15.208, and 5.10.257
are small updates for the "Fragnesia" vulnerability.
Security updates have been issued by AlmaLinux (firefox), Debian (chromium, nss, openvpn, and thunderbird), Fedora (cockpit, kernel, and linux-firmware), Oracle (gdk-pixbuf2, kernel, and libsndfile), SUSE (container-suseconnect, cpp-httplib, dnsmasq, firefox, glibc, GraphicsMagick, java-1_8_0-openj9…
A major page fault occurs when a process attempts to access a page that is
not currently present in RAM; satisfying such faults usually involves I/O, and can thus take some time. When many threads
sharing an address space are generating page faults, the result can be
significant lock contention whi…
The kernel's page cache is charged with maintaining pages (or, more
correctly, folios) containing copies of
data from files in the filesystem; its performance has a big effect on the
performance of the system as a whole. One of the key decisions the kernel
must make is when to evict folios from the…
Michael Catanzaro has disclosed a
command-injection vulnerability affecting a number of GTK-based PDF
readers; exploits included:
They contain a script for building malicious polyglot PDFs that are
simultaneously both valid PDF files and also valid ELF
binaries. When the user opens the PDF in t…
The OpenBSD 7.9 release is
out, right on schedule. There is the usual long list of new features,
including improved architecture support, CPU scheduling on heterogeneous
systems, the ability to hibernate a suspended system after a configurable
delay, socket splicing, a
__pledge_open()
system call g…
José Marchesi and the GCC-BPF developers opened the BPF track at the 2026
Linux Storage,
Filesystem, Memory-management, and BPF Summit
with a 90-minute summary of what has changed for GCC's BPF support in the past year.
This kind of session has become something of a tradition. There were similar
u…
Security updates have been issued by AlmaLinux (kernel, kernel-rt, and libsndfile), Debian (bind9, evince, firefox-esr, openjpeg2, pdns, and rsync), Fedora (erlang-cowlib, evince, expat, firefox, kernel, mingw-expat, mysql8.0, mysql8.4, nss, opencryptoki, pgadmin4, proftpd, python-django5, python-dj…
Gregory Price started his session in the memory-management track of the
2026 Linux Storage,
Filesystem, Memory Management, and BPF Summit by saying that, in
current kernels, if a NUMA node has memory, the assumption is that anybody can
make use of it. He is trying to implement the opposite policy —…
Inside this week's LWN.net Weekly Edition:
Front: OpenSUSE site age restrictions; Lots of LSFMM+BPF coverage; The tenth OpenPGP email summit.
Briefs: Firefox 151.0; pgBackRest funding; RIP Peter G. Neumann; Quotes; ...
Announcements: Newsletters, conferences, sec…
Security updates have been issued by AlmaLinux (kernel, libpng, nginx, nginx:1.24, ruby, and ruby:3.3), Debian (gnutls28 and linux-6.1), Fedora (dnsmasq, kernel, keylime-agent-rust, perl-Net-CIDR-Lite, python-pysam, python-urllib3, rust-cargo-vendor-filterer, rust-ingredients, rust-oo7-cli, rust-rpk…
"Reclaim" is the task of finding memory that can be taken away from its
current user and put to better uses within the system; it is a core part of
the memory-management picture. The addition of the multi-generational LRU (MGLRU) was meant to
provide a better reclaim implementation than the "tradit…
The OpenPGP Email Summit is
an annual meeting for those who work on encrypted email and related
topics. The tenth
installment of this meeting took place in March 2026 and the minutes
have now been published. As usual, a wide range of topics were
discussed. Highlights included support for post-quantu…
In April, David Steele, maintainer of the popular pgBackRest backup and restore project for
PostgreSQL, announced that he had archived
the project and it would no longer be maintained due to lack of
sponsorship. On May 18, he announced
that a number of sponsors have stepped forward to ensure its con…
Security updates have been issued by AlmaLinux (libpng and nginx), Debian (erlang, netatalk, and nginx), Fedora (mod_md and SDL2_image), Mageia (perl-libwww-perl, perl-HTTP-Message, perl-WWW-Mechanize-Cached, perl-File-XDG, perl-Path-Tiny, perl-YAML-Syck, postgresql15, and rclone), SUSE (agama, allo…
There are many places in the kernel where performance can be improved by
using per-CPU data. But, as it turns out, the kernel's allocator for
per-CPU data has some performance problems of its own. Harry Yoo led a
session in the memory-management track of the 2026 Linux Storage,
Filesystem, Memory …
Compute
Express Link (CXL) is a technology intended to enable the provision of
"memory nodes" in data centers that provide (possibly shared) memory to
nearby CPUs. It has, Dan Williams said at the beginning of his
memory-management-track session on the topic at the 2026 Linux Storage,
Filesystem, M…
The kernel's this_cpu
operations are meant to speed access to per-CPU variables. They are
more optimal on some CPUs than others, though. During a
memory-management-track session at the 2026 Linux Storage,
Filesystem, Memory Management, and BPF Summit, Yang Shi proposed a
fundamental, and somewhat …
Many people in the Linux community began using the operating system—and
contributing to open source—at a tender age, often well before
their 16th birthday. Thus, a recent change in openSUSE's terms of site (ToS)
that required users of the project's web site to be "at least 16
years of age or the age…
Version
151.0 of the Firefox browser has been released. Significant changes
include the ability to clear and restart a private-browsing session, better
fingerprinting protection, control over the apparent location when using the
Firefox VPN, and more.
Security updates have been issued by AlmaLinux (freerdp, gimp:2.8, jq, kernel, and rsync), Debian (chromium, ffmpeg, firewalld, kernel, nginx, openjpeg2, openssh, php7.4, and redis), Fedora (apptainer, chromium, coturn, dnsmasq, firefox, kernel, libgit2_1.8, libmetal, nginx, nginx-mod-brotli, nginx-…
The kernel's swap subsystem is charged with managing anonymous pages in
secondary storage when those pages are (hopefully) not being used and the
memory they occupy is needed elsewhere. This long-unloved subsystem has
seen a resurgence of developer interest in recent times, so it is not
surprising …
We have received
word that Peter G. Neumann, who, among many other things, ran the RISKS Digest for decades, has
passed away. He will be much missed.
Update: the New York Times has published an
obituary of Dr. Neuman.
The 7.1-rc4 kernel prepatch is out for
testing.
Some of the documentation updates might be worth highlighting: the
continued flood of AI reports has basically made the security list
almost entirely unmanageable, with enormous duplication due to
different people finding the same things with the…
The 7.0.9,
6.18.32,
6.12.90, and
6.6.140 stable kernels have been released.
Each contains yet another set of important fixes.
Security updates have been issued by Debian (ffmpeg, gsasl, nodejs, postgresql-15, postgresql-17, python3.9, and thunderbird), Fedora (expat, firefox, freerdp, GitPython, kernel, php, rust-podman-sequoia, rust-rpm-sequoia, rust-sequoia-chameleon-gnupg, rust-sequoia-git, rust-sequoia-keystore-server,…
Recent times have seen a lot of effort put into the implementation of the kexec handover and live update orchestrator
features in the Linux kernel. But that work is not yet complete. At the
2026 Linux Storage,
Filesystem, Memory Management, and BPF Summit, Pratyush Yadav led a
memory-management-tr…
Greg Kroah-Hartman has announced the 7.0.8, 6.18.31, 6.12.89, 6.6.139, 6.1.173, 5.15.207, and 5.10.256 stable kernels. These kernels
contain a patch for CVE-2026-46333
a vulnerability reported
by the Qualys Security Advisory team, though Jann Horn proposed
a patch in 2020. The vulnerability has a pr…
Roman Gushchin began his session in the memory-management track of the
2026 Linux Storage,
Filesystem, Memory Management, and BPF Summit by saying that the
community has seen a lot of proposals adding BPF-based interfaces for
memory management. None of them have made their way into the mainline,
th…