Walking through Dirty Pipe (CVE-2022-0847) from a 2026 angle: one uninitialized pipe_buffer.flags bit kept PIPE_BUF_FLAG_CAN_MERGE alive into splice'd pages, plus patched-kernel checks for distros and containers.
DirtyDecrypt PoC proves local root via Linux RxGK page cache writes on Fedora, Arch, and Tumbleweed with CONFIG_RXGK=y. NVD describes CVE-2026-31635 only as a DoS; Ubuntu LTS and Debian stable stock kernels are not affected. Check commands and container mitigation included.
Based on the 2025 Maintainers Summit consensus, coding-assistants.rst was merged into the Linux kernel, establishing rules for AI-assisted contributions: no Signed-off-by for AI, Assisted-by tag attribution, and full human responsibility.
Linux kernel 7.0-rc removes PREEMPT_NONE, causing a ~49% PostgreSQL throughput regression. The scheduler maintainer refuses to revert the change, demanding PostgreSQL adopt the new RSEQ timeslice extension instead. Ubuntu 26.04 LTS ships with this kernel.
An Anthropic researcher used Claude Code to scan the entire Linux kernel source and unearthed a 23-year-old remotely exploitable heap overflow in NFSv4.0. Technical breakdown plus a reality check on what it costs for ordinary users to replicate this.
