#Linux kernel
github.com · ⭐️ 9/10 · 2026-07-07
Researchers disclosed Januscape (CVE-2026-53359), a use-after-free vulnerability in KVM's shadow MMU that allows a guest VM to escape to the host on both Intel and AMD platforms. The bug has existed in the Linux kernel for approximately 16 years, from 2010 to June 2026. This is the first publicly known guest-to-host escape exploit that works on both Intel VMX and AMD SVM, making it a critical threat to multi-tenant cloud environments using KVM. The vulnerability was used as a 0-day in Google's kvmCTF and could compromise isolation boundaries of cloud providers. The flaw resides in the function kvmmmugetchildsp() within the shadow MMU code shared by both Intel and AMD x86 KVM implementations. PoC code has been released that triggers host kernel panic from a guest, and on RHEL-like distributions, a local unprivileged user can also escalate to root.
lwn.net · ⭐️ 8/10 · 2026-07-08
At the 2026 Linux Security Summit North America, Eric Biggers presented ongoing efforts to replace the traditional Linux kernel crypto API with new library APIs that are safer and simpler to use. This modernization reduces complexity and potential security bugs in kernel cryptography, benefiting all kernel subsystems that rely on encryption, hashing, and authentication. The traditional crypto API, introduced in 2002, has become complex, slow, and poorly optimized for modern CPU-based acceleration, leading to maintenance and performance issues.
lwn.net · ⭐️ 8/10 · 2026-07-07
Puranjay Mohan presented work on improving RCU performance by allowing normal RCU callbacks to be executed after expedited grace periods, and a new kmallocnolock() function for lockless memory allocation from any kernel context was discussed at LSFMM+BPF 2026. These developments significantly enhance kernel scalability by reducing memory allocation latency and speeding up RCU grace period completion, benefiting high-performance workloads under memory pressure. The RCU improvement involves tracking both non-expedited and expedited grace-period numbers to allow callbacks to run when either completes, while kmallocnolock() enables lockless allocation without needing to hold locks.
lwn.net · ⭐️ 8/10 · 2026-07-06
Jonathan Corbet published an in-depth article on LWN explaining the iomap layer in the Linux kernel, which handles mapping between filesystem space and storage space, introduced in kernel 4.8 by Christoph Hellwig. This article fills a knowledge gap about a core filesystem component, enabling kernel developers to better understand and use iomap for efficient I/O and reducing boilerplate code in filesystem implementations. The iomap structure uses a single struct to represent large extents, replacing the older buffer-head mechanism, and supports both block devices and DAX persistent memory. It consists of a low-level mapping layer and a higher-level operation layer.
lwn.net · ⭐️ 8/10 · 2026-07-04
Greg Kroah-Hartman announced the release of seven stable Linux kernels (versions 7.1.3, 6.18.38, 6.12.95, 6.6.144, 6.1.177, 5.15.211, and 5.10.260), which include fixes for two security vulnerabilities: CVE-2026-53362 and CVE-2026-53359. These fixes address critical vulnerabilities, including a container escape vulnerability (CVE-2026-53362) that could allow attackers to gain root access on the host system, and a use-after-free bug in KVM (CVE-2026-53359) that has existed since the 2.6.36 kernel. Users are strongly advised to upgrade to protect against potential exploitation. CVE-2026-53362 was introduced in kernel 6.0 in IPv6 handling, while CVE-2026-53359 is a use-after-free bug in KVM present since kernel 2.6.36. Each stable kernel also includes numerous other fixes throughout the tree.
lwn.net · ⭐️ 8/10 · 2026-07-03
At the 2026 Linux Storage, Filesystem, Memory Management, and BPF Summit, a session led by Miklos Szeredi discussed problems caused by excessive negative dentries in directories, including soft lockups, reference count overflow, and long hash chains. Negative dentries are a key optimization for filesystem lookups, but when a directory accumulates millions of them, they can cause severe performance issues and even security side-channel problems. The proposals discussed could lead to kernel patches that improve filesystem reliability and memory management. Proposed solutions include moving negative dentries to the end of the dchildren list so iterators can stop early, adding condresched() calls to avoid soft lockups, or switching to a more suitable data structure. Concerns were raised about ordering issues with getdents() and potential complications when a negative dentry becomes positive.
lwn.net · ⭐️ 8/10 · 2026-07-02
Two large memory-management patch sets, developed with LLM assistance by established kernel developers, are being reviewed by the Linux kernel community. This marks a shift in how AI-generated contributions are received, as patches from respected developers are taken seriously, potentially setting a precedent for future LLM-assisted work. One patch set by Rik van Riel introduces 'super page blocks' to reliably allocate 1GB huge pages without the inflexible hugetlbfs reservation system, addressing memory fragmentation challenges.
lwn.net · ⭐️ 8/10 · 2026-06-27
At the OSPM 2026 Linux kernel summit, a new schedext-based approach for GPU-aware auto-affinitization was presented, achieving up to 80 frames per second on a RegNet workload, outperforming both the default fair scheduler (56fps) and manual numactl pinning (77fps). This work promises to simplify GPU workload management on NUMA systems by automatically optimizing CPU-GPU locality, reducing the need for manual tuning and potentially improving performance for AI and accelerator-heavy applications. The prototype uses a Rust user-space component that queries NVIDIA's NVML library to track per-task GPU utilization, then feeds a BPF map that the schedext scheduler (scxcosmos) uses to migrate tasks to the preferred NUMA node. Caveats include that task memory is not migrated automatically, and aggressive packing may conflict with load balancing.