Hardware leftovers/projects

Red Hat leftovers

Little community left

Instructionals/Technical posts

Stack for displays and more

Linux news

poor coverage

A new Linux local privilege escalation flaw called Fragnesia has been disclosed as a Dirty Frag-like vulnerability, allowing arbitrary byte writes into the kernel page cache of read-only files through a separate ESP/XFRM logic bug. Phoronix reports: Proof of concept code for Fragnesia is already out there. There is a two-line patch for addressing the issue within the Linux kernel's skbuff.c code. That patch hasn't yet been mainlined or picked up by any mainline kernel releases but presumably will be in short order for addressing this local privilege escalation issue. More details can be found here.

Read more of this story at Slashdot.

The upcoming Debian 14 “Forky” operating system series will ship with reproducible package builds and official support for the LoongArch64 architecture.

Evropska komisija v boju proti zasvojljivim platformam napoveduje akt o digitalni poštenosti

• Matej Huš :: 13. maj 2026 ob 20:42
• Tožbe

Slo-Tech - Predsednica Evropske komisije je včeraj dejala, da bo EU ukrepala proti zasvojljivim dizajnom platform, kot so Instagram, TikTok in X. Nekatere države v regiji, denimo Francija, Norveška in Turčija, se že pripravljajo na uvedbo starostnih omejitev za uporabo teh platform, napoveduje pa se tudi panevropska ureditev. Ursula von der Leyen pravi, da ni vprašanje, ali naj imajo mladi dostop do družbenih omrežij, temveč ali naj imajo družbena omrežja dostop do mladih. Tveganja so znana in resna: pomanjkanje spanja, depresija, anksioznost, zasvojenost, trpinčenje, nadlegovanje, izkoriščanje, zlorabe, (samo)poškodvanje in samomori. Več na Slo-Techu.

Južna Koreja razmišlja o digitalni dividendi

• Matej Huš :: 13. maj 2026 ob 20:42
• Industrijska lastnina

Slo-Tech - Južnokorejsko gospodarstvo je zaradi naraščajočih cen pomnilnika dobilo pospešek, saj gre Samsungu in SK Hynixu nepričakovano odlično, od česar bodo spočetka največ imeli zaposleni v teh dveh podjetjih. A pomnilnik ni edini motor rasti, saj razmah umetne inteligence k dobičkom prispeva tudi širše, zato se postavlja vprašanje, kako jih pravično deliti: naj imajo od novonastalega bogastva kaj tudi prebivalci ali pretežno lastniki kapitala. Več na Slo-Techu.

Google predstavil Googlebook

• Matej Huš :: 13. maj 2026 ob 20:41
• Android

Slo-Tech - Google je napovedal novo linijo prenosnih računalnikov, ki bodo nadomestili chromebooke ter združujejo tudi operacijska sistema ChromeOS in Android. Nova družina se imenuje preprosto Googlebook in predstavlja stavo na enovit ekosistem, ki je bil roko na srce že sedaj precej dobro integriran. Več informacij bodo razkrili prihodnji teden na dogodku Google I/O, že sedaj pa so znane osnove. Več na Slo-Techu.

Since Intel Meteor Lake has been the Intel Silicon Security Engine to serve as a silicon root-of-trust for secure firmware loading, boot measurements, and similar functionality. This Intel Silicon Security Engine has been built on with Lunar Lake and Panther Lake as well as set to take on more importance with future Intel hardware platforms. We are now seeing a Linux driver come for this silicon RoT with the Intel Silicon Security Engine Interface (ISSEI)...

A push by Red Hat employees to create a Fedora "AI Developer Desktop" with support for out-of-tree kernel drivers and AI toolkits has been met with objections from some long-time members of the Fedora community. After more than a month of sometimes heated discussion, the Fedora Council had voted to approve the initiative; however, a last-minute change to vote against the proposal by council member Justin Wheeler has (at least temporarily) sent it back to the drawing board.

Following last week's disclosure of the Dirty Frag vulnerability for the Linux kernel, which only finished being patched up in mainline on Monday, Fragnesia is now public as a similar local privilege escalation (LPE) vulnerability...

Sam James has sent an announcement to the OSS Security mailing list about another local-privilege-escalation (LPE) exploit in the same class as Dirty Frag, called "Fragnesia". From the disclosure:

This is a separate bug in the ESP/XFRM from dirtyfrag which has received its own patch. However, it is in the same surface and the mitigation is the same as for dirtyfrag.

It abuses a logic bug in the Linux XFRM ESP-in-TCP subsystem to achieve arbitrary byte writes into the kernel page cache of read-only files, without requiring any race condition.

James noted that there is a patch in the works, but it has not yet been pulled into Linus Torvalds's tree nor into any of the stable kernels. A proof of concept exploit is also available.

not looking inspiring

When Brendan Jackman proposed a session for the 2026 Linux Storage, Filesystem, Memory Management, and BPF Summit, his topic was "a pagetable library for the kernel". During the actual memory-management-track session, though, he stated that the idea had "fizzled" and he was going to cover related topics instead. What resulted was a session on ways to efficiently manage pages that are not present in the kernel's direct map.

GCC 16.1 released at the end of April as the latest major, annual feature release to the GNU Compiler Collection. Early benchmarks showed some nice leads for GCC 16 over GCC 15. Continued testing of the new GCC 16 compiler has continued to show overall better performance of the resulting binaries than using GCC 15 on the same hardware and same compiler flags. That led many to wonder about the GCC 16 performance up against the latest LLVM/Clang open-source compiler, which is the focus of today's benchmarking showdown.

RC3 is ready