devtake.dev
AI Security Hardware Open Source Policy Apple

#linux

RSS
Related: #kernel · 4 #security · 4 #open-source · 3 #ubuntu · 3 #canonical · 2 #dev-tools · 2 #privilege-escalation · 2 #supply-chain · 2 #ai-security · 1 #alpine-linux · 1
The microsoft/coreutils GitHub repository page
Open Source·

Microsoft is shipping Linux's core commands on Windows, built in Rust

Microsoft's Coreutils for Windows brings native ls, cp, and grep to Windows, built on the Rust uutils project. Here's what it is and why the Rust rewrite matters.

An Adapteva Parallella development board with an AMD/Xilinx Zynq FPGA SoC, representative of the hobbyist hardware the Vivado free tier targets.
Hardware·

AMD walled off Linux Vivado behind a paid tier. The free FPGA tier is now Windows only.

Vivado 2026.1 introduces a five-tier licensing model. The free BASIC tier supports Windows only; Linux requires the paid CORE tier. FPGA hobbyists are pushing back.

A Linux boot screen with kernel messages scrolling, used here as visual shorthand for the init-system layer where the Flatpak/systemd argument is happening.
Open Source·

Flatpak's next sandboxing milestone bolts it to systemd. Alpine and Void users get the bill.

Sebastian Wick and Adrian Vovk pitched systemd-appd at Linux App Summit on May 17. The cost of nested sandboxing is a hard systemd dependency in mainline Flatpak.

Doom running on Bazzite Linux on a handheld gaming device
Open Source·

Elizabeth Figura's NTSYNC driver shipped in Linux 6.14. Wine 11 retired esync and fsync over it.

Linux 6.14 merged the NTSYNC driver Elizabeth Figura wrote at CodeWeavers. SteamOS 3.7.20 loads it by default; Wine 11 went mainline on it. Here's what changed.

Wiz Research's disclosure page for the Dirty Frag Linux kernel privilege escalation vulnerability
Security·

A nine-year-old Linux kernel bug gives root in one command. No patch exists yet.

Dirty Frag chains two page-cache flaws in the ESP and RxRPC subsystems into a deterministic privilege escalation that hits every major distro. A PoC exploit is public.

Canonical Ubuntu logo on the canonical.com homepage, illustrating the company affected by the May 2026 DDoS attack.
Security·

A DDoS knocked Ubuntu's update servers offline. The Copy Fail patch landed in the same 24-hour window.

The 313 Team flooded Canonical's infrastructure starting May 1, blocking apt updates and the Ubuntu security API just as admins needed both.

The Copy Fail launch graphic showing a stylized terminal prompt and the title text on a dark background.
Security·

'Copy Fail' lets a 732-byte script grab root on Ubuntu, RHEL, and SUSE. Patched April 29.

CVE-2026-31431 chains AF_ALG and splice() to write into the page cache of /usr/bin/su. Xint Code disclosed it on April 29, nine years after the bug shipped.

Illustration accompanying Tom's Hardware coverage of the Linux kernel driver removal.
Open Source·

Linux 7.1 is yanking ham radio, ISDN, and ATM. The reason: AI bug-report spam.

Jakub Kicinski's networking pull request removes 138,161 lines of decades-old code. Kernel maintainers say LLM-generated bug reports made the old subsystems un-maintainable.

Ubuntu 26.04 LTS Resolute Raccoon desktop with GNOME 50
Open Source·

Ubuntu 26.04 LTS ships Wayland-only, Rust coreutils, and post-quantum SSH by default

Canonical released Ubuntu 26.04 'Resolute Raccoon' on April 23. It's the first LTS without X11, ships kernel 7.0 and GNOME 50, and sets post-quantum SSH on by default.