Linus Torvalds on How AI is Impacting the Hunt for Linux Kernel Bugs
Linus Torvalds spoke this week at the Linux Foundation’s Open Source Summit North America, reports ZDNet — and described how AI is impacting Linux kernel development:
“In the last six months, we’ve seen a lot more commits,” Torvalds noted, estimating that “the last two releases, it’s been about 20% more commits than we had in the previo … ⌘ Read more
Today’s Linux Networking Fixes: “Craziness Continues With No End In Sight”
Driven by AI/LLM bots like Shashiko uncovering new issues within the Linux kernel source tree, including various security vulnerabilities like Dirty Frag, the mailing list has been wild with bug reports and fixes. Today’s networking fixes pull request for Linux 7.1 continues to highlight the ongoing craziness and fears that the worst may be yet to come… ⌘ Read more
Greg KH Calls For More Rust Linux Developers
Greg Kroah-Hartman took time away from his duties as Linux’s second-in-command as stable maintainer, various subsystem maintainer, and recent hobby of using AI/LLMs for uncovering Linux kernel bugs to present at the Rust Week conference… ⌘ Read more
New Windows ‘MiniPlasma’ Zero-Day Exploit Gives SYSTEM Access, PoC Released
A researcher known as Chaotic Eclipse has released a proof-of-concept exploit for a new Windows zero-day dubbed MiniPlasma, which BleepingComputer confirmed can grant SYSTEM privileges on fully patched Windows 11 systems. The researcher claims the bug is effectively a still-exploitable version of a 2020 flaw Microsoft said it had … ⌘ Read more
Linux AF_ALG Crypto Code Removing Zero-Copy Support Out Of Security Concerns
Given all the recent Linux kernel security concerns and new bugs being discovered, the Linux cryptographic subsystem is proactively dropping zero-copy functionality from AF_ALG due to growing security concerns… ⌘ Read more
gkh_clanker_t1000 & gkh_clanker_2000 Continue Uncovering Linux Kernel Bugs
As first reported on Phoronix in early April, Linux’s second-in-command Greg Kroah-Hartman has been leveraging new AI fuzzing tools for uncovering Linux kernel bugs. Prominent due to his position within the Linux kernel community and also being the primary Linux stable maintainer. His AI-assistance for fixing Linux kernel bugs is based on a Framework Desktop powered by AMD Ryzen AI Max. The “gkh_clanker_t1000” continues assisting in Linux … ⌘ Read more
Linus Torvalds: AI-Detected Bug Reports Make Kernel Security List ‘Almost Entirely Unmanageable’
Today Linus Torvalds announced another Linux release candidate on the kernel mailing list. But he also highlighted “documentation updates” to address a new problem.
“The continued flood of AI reports has basically made the security list almost entirely unmanageable, with enormous dupl … ⌘ Read more
Linux Kernel Outlines What Qualifies As A Security Bug, Responsible AI Use
The Linux 7.1 kernel has added new documentation clarifying what qualifies as a security bug and how AI-assisted vulnerability reports should be handled. Phoronix reports: Stemming from the recent influx of security bugs to the Linux kernel as well as an uptick in bug and security reports from discoveries made in full or in pa … ⌘ Read more
Linux Kernel Adds Documentation For What Qualifies As A Security Bug, Responsible AI Use
Merged today for the Linux 7.1 kernel is some new documentation surrounding what qualifies as a security bug as well as around responsible use of AI for finding kernel bugs… ⌘ Read more
Mystery Microsoft Bug Leaker Keeps the Zero-Days Coming
An anonymous researcher known as Nightmare-Eclipse, who has already leaked several Windows zero-days this year, has disclosed two more: YellowKey and GreenPlasma. The Register reports: Nightmare-Eclipse described YellowKey as “one of the most insane discoveries I ever found.” They provided the files, which have to be loaded onto a USB drive, and if the attacker co … ⌘ Read more
Fragnesia Made Public As Latest Linux Local Privilege Escalation Vulnerability
A new Linux local privilege escalation flaw called Fragnesia has been disclosed as a Dirty Frag-like vulnerability, allowing arbitrary byte writes into the kernel page cache of read-only files through a separate ESP/XFRM logic bug. Phoronix reports: Proof of concept code for Fragnesia is already out there. There is a … ⌘ Read more
Yet another Dirty Frag type vulnerability: Fragnesia
Sam James has sent an announcement
to the OSS Security mailing list about another
local-privilege-escalation (LPE) exploit in the same class as Dirty Frag, called
“Fragnesia”. From the disclosure:
This is a separate bug in the ESP/XFRM from dirtyfrag which has received its own patch. However, it is in the same surface … ⌘ Read more
OpenZFS 2.4.2 Released With Linux 7.0 Kernel Support, Many Bug Fixes
For those making use of OpenZFS on Linux or FreeBSD, OpenZFS 2.4.2 is out today as the newest stable release of this ZFS file-system implementation… ⌘ Read more
Anthropic’s Bug-Hunting Mythos Was Greatest Marketing Stunt Ever, Says cURL Creator
cURL creator Daniel Stenberg says Anthropic’s hyped Mythos bug-hunting model found only one confirmed low-severity vulnerability in cURL, plus a few non-security bugs, after he expected a much longer list. He argues Mythos may be useful, but not meaningfully beyond other modern AI code-analysis tools. “My personal … ⌘ Read more
Fiber Optic Cables Can Eavesdrop On Nearby Conversations
sciencehabit shares a report from Science Magazine: Cold War spies planted bugs in walls, lamps, and telephones. Now, scientists warn, the cables themselves could listen in. A fiber optic technique used to detect earthquakes can also pick up the faint vibrations of nearby speech, researchers reported this week here at the general assembly of the European Geos … ⌘ Read more
FreeBSD 15.1 Beta 2 Brings Updated Zstd, Bug Fixes
FreeBSD 15.1 continues working its way toward a stable release in June. Out today is FreeBSD 15.1 Beta 2… ⌘ Read more
New Linux ‘Dirty Frag’ Zero-Day Gives Root On All Major Distros
mrspoonsi shares a report: Dirty Frag is a vulnerability class, first discovered and reported by Hyunwoo Kim (@v4bel), that can obtain root privileges on major Linux distributions by chaining the xfrm-ESP Page-Cache Write vulnerability and the RxRPC Page-Cache Write vulnerability. Dirty Frag extends the bug class to which Dirty Pipe and Copy Fail be … ⌘ Read more
Dirty Frag Vulnerability Made Public Early: Root Privilege On All Distributions
One week after the Copy Fail vulnerability, a new Linux local privilege escalation bug has been made public. This time around there are no patches or CVEs yet for this “Dirty Frag” vulnerability as the embargo was broken early and thus the security researcher went ahead and published earlier than anticipated… ⌘ Read more
Best Bug Spray (2026), Tested and Reviewed
Our writer tried some of the most popular insect repellents during runs, hikes, and evening walks. These are the ones we recommend. ⌘ Read more
[$] LWN.net Weekly Edition for May 7, 2026
Inside this week’s LWN.net Weekly Edition:
Front: LLMs and security; restartable sequences and TCMalloc; Fedora and GNOME bug reports; Prolly trees; Arm on s390.
Briefs: NHS open source; Alpine outage; GCC 16.1; Incus 7.0 LTS; NetHack 5.0.0; PHP license; Quotes; …
Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more
US Government Warns of Severe CopyFail Bug Affecting Major Versions of Linux
An anonymous reader quotes a report from TechCrunch: A severe security vulnerability affecting almost every version of the Linux operating system has caught defenders off-guard and scrambling to patch after security researchers publicly released exploit code that allows attackers to take complete control of vulnerable sys … ⌘ Read more
[$] Bug-monitoring expectations and Fedora GNOME packages
For a number of years, users submitting bugs reports against GNOME packages in Fedora have
received an auto-reply saying that the reports were not actively
monitored; users were encouraged to file bugs with GNOME upstream instead. However,
that practice seems to be in conflict with the Fedora Engineering Steering\
Committee (FESCo) [policy](https://docs.fedoraproject.org/en-US/fesco/Package_maintainer_responsibilities/#_deal_with_ … ⌘ Read more
NetHack 5.0.0 released
Version 5.0.0
of the NetHack
dungeon-exploration game, a distant relative of Rogue and
Hack, has been released. NetHack’s code is now compliant with the
C99 standard, and the release includes more than 3,100
bug fixes and changes, detailed in doc/fixes5-0-0.txt
… ⌘ Read more
Linux 7.1-rc2 Released With Audio Fix For Steam Deck OLED, Other Fixes
Linux 7.1-rc2 is out for testing with its accumulation of initial bug and regression fixes that have been collected over the past week since the Linux 7.1 merge window was capped off… ⌘ Read more
AI tool ‘too dangerous to release’ could wreak havoc on businesses
It found a 27-year-old bug in software used in routers worldwide. Experts fear Anthropic’s Mythos model could trigger the next wave of major breaches. ⌘ Read more
Hackers Are Actively Exploiting a Bug In cPanel, Used By Millions of Websites
Hackers are actively exploiting a critical cPanel and WHM vulnerability, tracked as CVE-2026-41940, that allows remote attackers to bypass the login screen and gain full administrative access to affected web servers. Major hosts including Namecheap, HostGator, and KnownHost have taken mitigation steps or patched systems, bu … ⌘ Read more
New Linux ‘Copy Fail’ Vulnerability Enables Root Access On Major Distros
A newly disclosed Linux kernel flaw dubbed “Copy Fail” can let a local, unprivileged attacker gain root access on major Linux distributions, with researchers claiming the bug affects kernels shipped since 2017. “The POC exploit works out of the box today, but a future version that can escape from containers like Docker is promised soon … ⌘ Read more
A security bug in AEAD sockets
Security analysis firm Xint has disclosed a security bug in the Linux kernel
that allows for arbitrary 4-byte writes to the page cache, and which has been
present since 2017.
The vulnerability has
been fixed in mainline kernels. A proof-of-concept script demons … ⌘ Read more
Linux’s sched_ext Sees A Bunch Of Bug Fixes Following Increased AI Code Review
Just days after the Linux 7.1-rc1 kernel release, the Linux kernel’s extensible scheduler class “sched_ext” is seeing a lot of bug fixes. Many of these bug fixes aren’t just from the Linux 7.1 merge window but a number date back many kernel cycles. This uptick in bug fixes for sched_ext is coming due to increased AI code review… ⌘ Read more
XWayland 24.1.11 Brings Crash Fixes
Red Hat’s Olivier Fourdan announced today the availability of XWayland 24.1.11 that brings a few bug/regression fixes… ⌘ Read more
The New Linux Kernel AI Bot Uncovering Bugs Is A Local LLM On Framework Desktop + AMD Ryzen AI Max
Earlier this month on Phoronix we were the first to draw attention to a new fuzzing tool / AI bot uncovering kernel bugs by Greg Kroah-Hartman, the “second in command” for Linux kernel development and stable maintainer. Greg has now shared more light on the “gregkh_clanker_t1000” for this tool that has been uncovering more Linux kernel bugs the past few weeks… ⌘ Read more
Legacy NVIDIA xf86-video-nv Driver Sees First Release In Years
The legacy xf86-video-nv driver for user-space mode-setting on old NVIDIA GPUs is out with a rather rare release and the first in over two years with a collection of different bug fixes… ⌘ Read more
Discord Sleuths Gained Unauthorized Access to Anthropic’s Mythos
Plus: Spy firms tap into a global telecom weakness to track targets, 500,000 UK health records go up for sale on Alibaba, Apple patches a revealing notification bug, and more. ⌘ Read more
Farewell ISDN, Ham Radio & Old Network Drivers: Linus Torvalds Merges 138k L.O.C. Removal
Linus Torvalds did it! He merged the pull request to rid the Linux kernel of the old Integrated Services Digital Network (ISDN) subsystem and various other old network drivers largely for PCMCIA era network adapters. This was the code suggested for removal given the recent influx of AI/LLM-generated bug reports against this dated code that likely has no active upstream users remaining… ⌘ Read more
GnuPG 2.5.19 released
Werner Koch has announced
the release of GnuPG 2.5.19. This release includes a few new options
and a number of bug fixes, and comes with the reminder that the
GnuPG 2.4 series will reach end-of-life soon
The main features in the 2.5 series are improvements for 64 bit Windows
and the introduction of Kyber (aka ML-KEM or FIPS-203) as PQC encryption
algorithm. Other than PQC support the 2.6 series will not differ a lot
from 2.4 because th … ⌘ Read more
Linux 7.1 Removes Drivers For Long Obsolete Input Hardware: Bye Bus Mouse Support
Beyond Linux looking to remove old drivers due to the surge of AI/LLM bug reports, the Linux 7.1 kernel is also removing some old hardware drivers simply on the basis of long obsolete hardware. The input subsystem saw several drivers removed this week for decades old hardware… ⌘ Read more
Pull Request For Linux To Remove Old Network Drivers, ISDN Subsystem Due To AI/LLM Noise
It was just days ago we reported on a proposal to drop old network drivers due to AI-driven bug reports becoming a burden on upstream kernel developers. Last night that culminated with an initial pull request to clear out some old, unused networking drivers plus also clearing out the entire ISDN subsystem and more… ⌘ Read more
Apple Stops Weirdly Storing Data That Let Cops Spy On Signal Chats
Apple has fixed a bug that could cause parts of Signal notifications to remain stored on iPhones even after messages disappeared and the app was deleted. “Affected users concerned about push notifications can update their devices to stop what Apple characterized as ‘notifications marked for deletion’ that ‘could be unexpectedly retained on the … ⌘ Read more
Linux 7.1 Removes Some Obsolete PCMCIA Drivers That Likely Haven’t Been Used In Years
In addition to some network drivers on the chopping block due to AI bug reports for obsolete hardware/drivers and Linux 7.1 dropping various drivers for Russia’s Baikal CPUs, the Linux 7.1 kernel as of today also dropped some obsolete PCMCIA host controller drivers… ⌘ Read more
[$] LWN.net Weekly Edition for April 23, 2026
Inside this week’s LWN.net Weekly Edition:
Front: LLMs and Python bugs; scheduler regression; new Rust traits; dependency cooldowns; 7.1 merge window; Shor’s algorithm; drama at The Document Foundation.
Briefs: Firefox zero-days; kernel code removal; reproduceible Arch; Debian election; Firefox 150; Forgejo 15.0; Git 2.54.0; KDE Gear 26.04; LillyPond 2.26.0; Rust 1.95.0; Quotes; …
[Announcements](https:/ … ⌘ Read more
Kernel code removals driven by LLM-created security reports
There are a number of ongoing efforts to remove kernel code, mostly from
the networking subsystem, as an alternative to dealing with the increase in
security-bug reports from large language models. The proposed removals
include ISA\
and PCMCIA Ethernet drivers, a pair\
of PCI drivers, the [ax25 and amat … ⌘ Read more
Firefox: The zero-days are numbered
This\
Firefox blog post reports that the Firefox 150 release includes
fixes for 271 vulnerabilities found by the Claude Mythos preview.
Elite security researchers find bugs that fuzzers can’t largely by
reasoning through the source code. This is effective, but
time-consuming and bottlenecked on scarce human
expertise. Computers were completely incapable of doing this a few
months ago, and now they excel at i … ⌘ Read more
Mozilla Uses Anthropic’s Mythos To Fix 271 Bugs In Firefox
BrianFagioli writes: Mozilla says it used an early version of Anthropic’s Claude Mythos Preview to comb through Firefox’s code, and the results were hard to ignore. In Firefox 150, the team fixed 271 vulnerabilities identified during this effort, a number that would have been unthinkable not long ago. Instead of relying only on fuzzing tools or human review, … ⌘ Read more
Linux May Drop Old Network Drivers Now That AI-Driven Bug Reports Are Causing A Burden
Old network maintenance drivers are becoming a maintenance burden in the era of fuzzing and predominantly AI-driven bug detection causing an uptick in possible bug/security reports to upstream Linux kernel developers but with these drivers potentially having no actual users… ⌘ Read more
[$] Using LLMs to find Python C-extension bugs
The open-source world is currently awash in\
reports of LLM-discovered bugs and vulnerabilities, which makes for a lot more
work for maintainers, but many of the current crop are being reported
responsibly with an eye toward minimizing that impact. A recent report
on an effort to systematically find bugs in [Python extensions\
written in C](h … ⌘ Read more
Linux 7.1 Lands Workaround For Arm C1-Pro Erratum
Merged yesterday to the Linux 7.1 kernel is a workaround for an Arm C1-Pro CPU hardware bug around its Scalable Matrix Extension implementation… ⌘ Read more
Git 2.54.0 released
Git maintainer Junio Hamano has announced
Git 2.54.0, which includes contributions from 137 people; 66 of those
people are first-time contributors to the project. Changes include the
addition of Git history rewriting, Git’s web interface (gitweb)
“has been taught to be mobile friendly”, and much more. See the
announcement for all improvements, additions, and bug fixes. Hamano
is now taking a short break:
I will go offline for a couple of weeks starting thi … ⌘ Read more
Fedora 44 Will Not Be Released Next Week
Fedora 44 final had been aiming for an early release target of 21 April, but due to outstanding blocker bugs, it’s now revised to target a release on 28 April… ⌘ Read more
Is Linux Mint In Trouble?
BrianFagioli writes: The developers behind Linux Mint say the project is rethinking its release strategy and moving toward a longer development cycle, with the next version now expected around Christmas 2026. In a monthly update, project lead Clement Lefebvre said the team reached a “crossroads” and needs more flexibility to fix bugs, improve the desktop, and adapt to rapid changes across the Linux ecosystem. The upcoming … ⌘ Read more
免安装 OpenClaw!复旦 NLP 团队把🦞搬进科研神器,复现论文竟然能全自动了!
复现一篇论文,你通常要花多久?配环境、装依赖、改 Bug,一通折腾下来,一周起步。现在,这件事,已经可以交给 AI 自动完成了。而且,是一只“龙虾”。 最近 AI 圈最火的莫过于那只无所不能的龙虾 OpenClaw,已经被复旦 NLP 团队悄悄塞进了一个科研工具里: 不少人还在苦恼如何配置复杂的环境 ⌘ Read more