Linux Kernel Outlines What Qualifies As A Security Bug, Responsible AI Use
The Linux 7.1 kernel has added new documentation clarifying what qualifies as a security bug and how AI-assisted vulnerability reports should be handled. Phoronix reports: Stemming from the recent influx of security bugs to the Linux kernel as well as an uptick in bug and security reports from discoveries made in full or in pa … ⌘ Read more

Linux Kernel Adds Documentation For What Qualifies As A Security Bug, Responsible AI Use
Merged today for the Linux 7.1 kernel is some new documentation surrounding what qualifies as a security bug as well as around responsible use of AI for finding kernel bugs… ⌘ Read more

Mystery Microsoft Bug Leaker Keeps the Zero-Days Coming
An anonymous researcher known as Nightmare-Eclipse, who has already leaked several Windows zero-days this year, has disclosed two more: YellowKey and GreenPlasma. The Register reports: Nightmare-Eclipse described YellowKey as “one of the most insane discoveries I ever found.” They provided the files, which have to be loaded onto a USB drive, and if the attacker co … ⌘ Read more

Fragnesia Made Public As Latest Linux Local Privilege Escalation Vulnerability
A new Linux local privilege escalation flaw called Fragnesia has been disclosed as a Dirty Frag-like vulnerability, allowing arbitrary byte writes into the kernel page cache of read-only files through a separate ESP/XFRM logic bug. Phoronix reports: Proof of concept code for Fragnesia is already out there. There is a … ⌘ Read more

OpenZFS 2.4.2 Released With Linux 7.0 Kernel Support, Many Bug Fixes
For those making use of OpenZFS on Linux or FreeBSD, OpenZFS 2.4.2 is out today as the newest stable release of this ZFS file-system implementation… ⌘ Read more

Anthropic’s Bug-Hunting Mythos Was Greatest Marketing Stunt Ever, Says cURL Creator
cURL creator Daniel Stenberg says Anthropic’s hyped Mythos bug-hunting model found only one confirmed low-severity vulnerability in cURL, plus a few non-security bugs, after he expected a much longer list. He argues Mythos may be useful, but not meaningfully beyond other modern AI code-analysis tools. “My personal … ⌘ Read more

Fiber Optic Cables Can Eavesdrop On Nearby Conversations
sciencehabit shares a report from Science Magazine: Cold War spies planted bugs in walls, lamps, and telephones. Now, scientists warn, the cables themselves could listen in. A fiber optic technique used to detect earthquakes can also pick up the faint vibrations of nearby speech, researchers reported this week here at the general assembly of the European Geos … ⌘ Read more

FreeBSD 15.1 Beta 2 Brings Updated Zstd, Bug Fixes
FreeBSD 15.1 continues working its way toward a stable release in June. Out today is FreeBSD 15.1 Beta 2… ⌘ Read more

New Linux ‘Dirty Frag’ Zero-Day Gives Root On All Major Distros
mrspoonsi shares a report: Dirty Frag is a vulnerability class, first discovered and reported by Hyunwoo Kim (@v4bel), that can obtain root privileges on major Linux distributions by chaining the xfrm-ESP Page-Cache Write vulnerability and the RxRPC Page-Cache Write vulnerability. Dirty Frag extends the bug class to which Dirty Pipe and Copy Fail be … ⌘ Read more

Dirty Frag Vulnerability Made Public Early: Root Privilege On All Distributions
One week after the Copy Fail vulnerability, a new Linux local privilege escalation bug has been made public. This time around there are no patches or CVEs yet for this “Dirty Frag” vulnerability as the embargo was broken early and thus the security researcher went ahead and published earlier than anticipated… ⌘ Read more

US Government Warns of Severe CopyFail Bug Affecting Major Versions of Linux
An anonymous reader quotes a report from TechCrunch: A severe security vulnerability affecting almost every version of the Linux operating system has caught defenders off-guard and scrambling to patch after security researchers publicly released exploit code that allows attackers to take complete control of vulnerable sys … ⌘ Read more

Linux 7.1-rc2 Released With Audio Fix For Steam Deck OLED, Other Fixes
Linux 7.1-rc2 is out for testing with its accumulation of initial bug and regression fixes that have been collected over the past week since the Linux 7.1 merge window was capped off… ⌘ Read more

Hackers Are Actively Exploiting a Bug In cPanel, Used By Millions of Websites
Hackers are actively exploiting a critical cPanel and WHM vulnerability, tracked as CVE-2026-41940, that allows remote attackers to bypass the login screen and gain full administrative access to affected web servers. Major hosts including Namecheap, HostGator, and KnownHost have taken mitigation steps or patched systems, bu … ⌘ Read more

New Linux ‘Copy Fail’ Vulnerability Enables Root Access On Major Distros
A newly disclosed Linux kernel flaw dubbed “Copy Fail” can let a local, unprivileged attacker gain root access on major Linux distributions, with researchers claiming the bug affects kernels shipped since 2017. “The POC exploit works out of the box today, but a future version that can escape from containers like Docker is promised soon … ⌘ Read more

Linux’s sched_ext Sees A Bunch Of Bug Fixes Following Increased AI Code Review
Just days after the Linux 7.1-rc1 kernel release, the Linux kernel’s extensible scheduler class “sched_ext” is seeing a lot of bug fixes. Many of these bug fixes aren’t just from the Linux 7.1 merge window but a number date back many kernel cycles. This uptick in bug fixes for sched_ext is coming due to increased AI code review… ⌘ Read more

XWayland 24.1.11 Brings Crash Fixes
Red Hat’s Olivier Fourdan announced today the availability of XWayland 24.1.11 that brings a few bug/regression fixes… ⌘ Read more

The New Linux Kernel AI Bot Uncovering Bugs Is A Local LLM On Framework Desktop + AMD Ryzen AI Max
Earlier this month on Phoronix we were the first to draw attention to a new fuzzing tool / AI bot uncovering kernel bugs by Greg Kroah-Hartman, the “second in command” for Linux kernel development and stable maintainer. Greg has now shared more light on the “gregkh_clanker_t1000” for this tool that has been uncovering more Linux kernel bugs the past few weeks… ⌘ Read more

Legacy NVIDIA xf86-video-nv Driver Sees First Release In Years
The legacy xf86-video-nv driver for user-space mode-setting on old NVIDIA GPUs is out with a rather rare release and the first in over two years with a collection of different bug fixes… ⌘ Read more

Farewell ISDN, Ham Radio & Old Network Drivers: Linus Torvalds Merges 138k L.O.C. Removal
Linus Torvalds did it! He merged the pull request to rid the Linux kernel of the old Integrated Services Digital Network (ISDN) subsystem and various other old network drivers largely for PCMCIA era network adapters. This was the code suggested for removal given the recent influx of AI/LLM-generated bug reports against this dated code that likely has no active upstream users remaining… ⌘ Read more

Linux 7.1 Removes Drivers For Long Obsolete Input Hardware: Bye Bus Mouse Support
Beyond Linux looking to remove old drivers due to the surge of AI/LLM bug reports, the Linux 7.1 kernel is also removing some old hardware drivers simply on the basis of long obsolete hardware. The input subsystem saw several drivers removed this week for decades old hardware… ⌘ Read more

Pull Request For Linux To Remove Old Network Drivers, ISDN Subsystem Due To AI/LLM Noise
It was just days ago we reported on a proposal to drop old network drivers due to AI-driven bug reports becoming a burden on upstream kernel developers. Last night that culminated with an initial pull request to clear out some old, unused networking drivers plus also clearing out the entire ISDN subsystem and more… ⌘ Read more

Apple Stops Weirdly Storing Data That Let Cops Spy On Signal Chats
Apple has fixed a bug that could cause parts of Signal notifications to remain stored on iPhones even after messages disappeared and the app was deleted. “Affected users concerned about push notifications can update their devices to stop what Apple characterized as ‘notifications marked for deletion’ that ‘could be unexpectedly retained on the … ⌘ Read more

Linux 7.1 Removes Some Obsolete PCMCIA Drivers That Likely Haven’t Been Used In Years
In addition to some network drivers on the chopping block due to AI bug reports for obsolete hardware/drivers and Linux 7.1 dropping various drivers for Russia’s Baikal CPUs, the Linux 7.1 kernel as of today also dropped some obsolete PCMCIA host controller drivers… ⌘ Read more

Mozilla Uses Anthropic’s Mythos To Fix 271 Bugs In Firefox
BrianFagioli writes: Mozilla says it used an early version of Anthropic’s Claude Mythos Preview to comb through Firefox’s code, and the results were hard to ignore. In Firefox 150, the team fixed 271 vulnerabilities identified during this effort, a number that would have been unthinkable not long ago. Instead of relying only on fuzzing tools or human review, … ⌘ Read more

Linux May Drop Old Network Drivers Now That AI-Driven Bug Reports Are Causing A Burden
Old network maintenance drivers are becoming a maintenance burden in the era of fuzzing and predominantly AI-driven bug detection causing an uptick in possible bug/security reports to upstream Linux kernel developers but with these drivers potentially having no actual users… ⌘ Read more

Linux 7.1 Lands Workaround For Arm C1-Pro Erratum
Merged yesterday to the Linux 7.1 kernel is a workaround for an Arm C1-Pro CPU hardware bug around its Scalable Matrix Extension implementation… ⌘ Read more

Fedora 44 Will Not Be Released Next Week
Fedora 44 final had been aiming for an early release target of 21 April, but due to outstanding blocker bugs, it’s now revised to target a release on 28 April… ⌘ Read more

Is Linux Mint In Trouble?
BrianFagioli writes: The developers behind Linux Mint say the project is rethinking its release strategy and moving toward a longer development cycle, with the next version now expected around Christmas 2026. In a monthly update, project lead Clement Lefebvre said the team reached a “crossroads” and needs more flexibility to fix bugs, improve the desktop, and adapt to rapid changes across the Linux ecosystem. The upcoming … ⌘ Read more

Eehhh, what the hell is going on here!?

SELECT
    printf("0x%x", (1 << 63) - 2),
    printf("0x%x", (1 << 63) - 1),
    printf("0x%x",  1 << 63     ),
    printf("0x%x", (1 << 63) + 1),
    printf("0x%x", (1 << 63) + 2)

SQLite yields:

0x8000000000000000 (instead of 0x7ffffffffffffffe)
0x8000000000000000 (instead of 0x7fffffffffffffff)
0x8000000000000000 (correct)
0x8000000000000001 (correct)
0x8000000000000002 (correct)

Huh!? O_o Am I stupid? What am I missing here? Or is this actually a bug? :-?

With 62 bits, everything is spot on:

0x3ffffffffffffffe
0x3fffffffffffffff
0x4000000000000000
0x4000000000000001
0x4000000000000002

And 64 bits rather unsurprisingly also yield:

0xfffffffffffffffe
0xffffffffffffffff
0x0
0x1
0x2

Linux’s Second-In-Command Turns To New Fuzzing Tools For Uncovering Kernel Bugs
Greg Kroah-Hartman, the main Linux stable kernel maintainer and typically viewed as the second-in-command to the Linux kernel development, has turned to new “gregkh_clanker_t1000” fuzzing tooling to help uncover new kernel bugs… ⌘ Read more

Internet Bug Bounty Pauses Payouts, Citing ‘Expanding Discovery’ From AI-Assisted Research
The Internet Bug Bounty program “has been paused for new submissions,” they announced last week.

Running since 2012, the program is funded by “a number of leading software companies,” reports InfoWorld, “and has awarded more than $1.5m to researchers who have reported bugs “

Up to now, 80% of its p … ⌘ Read more

Linux 7.0-rc7 Adding More Documentation For AI Tools To Send Better Security Bug Reports
For helping with the increase of AI tools scouring the Linux kernel source tree and sending security bug reports, a pull request sent today ahead of the Linux 7.0-rc7 improves the documentation to better guide AI agents – and anyone reading the documentation – how to send better quality bug reports… ⌘ Read more

Linux Fixes Performance Bug Affecting Qualcomm Ath11k & Ath12k WiFi Drivers
Sent out today were the networking subsystem fixes for the ongoing Linux 7.0 kernel. These networking fixes in time for Sunday’s Linux 7.0-rc7 release include addressing performance issues within the Qualcomm Ath11k and Ath12k WiFi drivers that have always existed ever since the drivers were upstreamed… ⌘ Read more

Linux 7.0-rc6 Released With The Fixes Still Coming In Heavy
Linux 7.0-rc6 was just released in quickly working toward the stable Linux 7.0 release in mid-April. This was another busy week with lots of bug fixes… ⌘ Read more

RadeonSI Driver Lands Fixes For EDuke32 For Those Wanting To Enjoy Duke Nukem 3D In 2026
It’s fairly rare for the RadeonSI Gallium3D driver to hit OpenGL rendering game bugs these days as besides more games going opting for Vulkan API use, RadeonSI is rather robust and very mature at this stage. Recently though a Linux gamer that upgraded to a Radeon RX 9070 XT RDNA4 graphics card noticed that the open-source EDuke32 Duke Nukem 3D build and its derivatives were failing to render properly with the RadeonSI driver… ⌘ Read more

GIMP 3.2.2 Released With Minor UI/UX Updates & Bug Fixes
It was just two weeks ago that GIMP 3.2 released, one year after the big GIMP 3.0 debut. Out today is GIMP 3.2.2 with various bug fixes, plug-in / file format handling updates, and some minor UI/UX work… ⌘ Read more

Linux Maintainer Greg Kroah-Hartman Says AI Tools Now Useful, Finding Real Bugs
Linux kernel maintainer Greg Kroah-Hartman tells The Register that AI-driven code review has “really jumped” for Linux. “There must have been some inflection point somewhere with the tools…”

“Something happened a month ago, and the world switched. Now we have real reports.” It’s not just Linux, he continued. “All … ⌘ Read more

ASUS Armoury & HP WMI Drivers Add More Laptops Ahead Of Linux 7.0-rc6
Merged today was another round of platform-drivers-x86 changes for the ongoing Linux 7.0 cycle. There are bug fixes plus some new hardware support additions that make this merge notable. Due to the new hardware support amounting to just device IDs and not risking existing hardware support, it’s fine for merging at this late stage of Linux 7.0 development… ⌘ Read more

AMD ROCm 7.2.1 Released With Ubuntu 24.04.4 LTS Support, Bug Fixes
Building off the release of ROCm 7.2 from January, ROCm 7.2.1 is now available with Ubuntu 24.04.4 LTS support as well as various bug fixes to this open-source AMD Radeon/Instinct GPU compute stack… ⌘ Read more

New Windows 11 Bug Breaks Samsung PCs, Blocking Access To C: Drive
Longtime Slashdot reader UnknowingFool writes: Users of Samsung PCs are reporting the inability to access the C: drive after the Windows 11 February update. The bug seems to be in connection with the Samsung Galaxy Connect app, which allows Samsung phones and tablets to connect to Windows machines. [A previous stable version of the app has been … ⌘ Read more

SaaS Apocalypse Could Be OpenSource’s Greatest Opportunity
Longtime Slashdot reader internet-redstar writes: Nearly a trillion dollars has been wiped from software stocks in 2026, with hedge funds making billions shorting Salesforce, HubSpot, and Atlassian. At FOSDEM 2026, cURL maintainer Daniel Stenberg shut down his bug bounty program after AI-generated slop overwhelmed his team. A new article on HackerNoon argues … ⌘ Read more

@rdlmda@rdlmda.me Oh boy, what a story! The infrastructure is indeed in need of overhaul. I’m glad you were so lucky in these circumstances.

(Btw. you posted the same message twice with just five seconds apart. I’m replying to the later one. Not sure if this is a client bug (like attempting to edit) or just operator error. ;-))

Debian 13.4 Released With Dozens Of Fixes
Debian 13.4 rolled out today with dozens of security fixes and other general bug fixes with the updated install media for Debian 13 Trixie… ⌘ Read more

Hmm I think it’s a bug in the Javascript. It’s meant to be ![title](url)

Claude AI Finds Bugs In Microsoft CTO’s 40-Year-Old Apple II Code
An anonymous reader quotes a report from The Register: AI can reverse engineer machine code and find vulnerabilities in ancient legacy architectures, says Microsoft Azure CTO Mark Russinovich, who used his own Apple II code from 40 years ago as an example. Russinovich wrote: “We are entering an era of automated, AI-accelerated vulnerability discov … ⌘ Read more

@movq@www.uninformativ.de Luckily, I’ve never encountered any bugs in Vim with my type of work and features I use.

@lyse@lyse.isobeef.org Yah, I don’t really know what to do about it. I’ll probably keep using Vim as it is – until there are bugs. And then we’ll see. Build an older version from source maybe?

I’ve been using Vim for such a long time now, I have very little motivation to switch. 🫤

How Anthropic’s Claude Helped Mozilla to Improve Firefox’s Security
“It took Anthropic’s most advanced artificial-intelligence model about 20 minutes to find its first Firefox browser bug during an internal test of its hacking prowess,” reports the Wall Street Journal.

The Anthropic team submitted it, and Firefox’s developers quickly wrote back: This bug was serious. Could they get on a call? “What else do yo … ⌘ Read more

KDE Plasma Saw A Lot Of Bug/Crash Fixing & UI Polishing This Week
Nate Graham and John Veness are out today with the newest issue of This Week in Plasma. Notable for KDE Plasma 6.6.x~6.7 development this week were a lot of bug fixing – including multiple crash fixes – and some UI polishing too… ⌘ Read more

AI Can Find Hundreds of Software Bugs – Fixing Them Is Another Story
Anthropic last week promoted Claude Code Security, a research preview capability that uses its Claude Opus 4.6 model to hunt for software vulnerabilities, claiming its red team had surfaced over 500 bugs in production open-source codebases – but security researchers say the real bottleneck was never discovery.

Guy Azari, a former securi … ⌘ Read more