LWN.net

The kernel's page cache is charged with maintaining pages (or, morecorrectly, folios) containing copies ofdata from files in the filesystem; its performance has a big effect on theperformance of the system as a whole. One of the key decisions the kernelmust make is when to evict folios from the page cache. At the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, Tal Zussman ran amemory-management-track session on how the page cache could be bettercustomized for specific workloads. It will not be much of a spoiler to saythat it involves BPF.

A major page fault occurs when a process attempts to access a page that isnot currently present in RAM; satisfying such faults usually involves I/O, and can thus take some time. When many threadssharing an address space are generating page faults, the result can besignificant lock contention while that I/Otakes place. During the memory-management track at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, Barry Song led a sessionto try, yet again, to find an enduring solution to this problem.

Security updates have been issued by AlmaLinux (firefox), Debian (chromium, nss, openvpn, and thunderbird), Fedora (cockpit, kernel, and linux-firmware), Oracle (gdk-pixbuf2, kernel, and libsndfile), SUSE (container-suseconnect, cpp-httplib, dnsmasq, firefox, glibc, GraphicsMagick, java-1_8_0-openj9, kernel, mozjs115, php8, python-urllib3, rekor, rootlesskit, rsync, tiff, ucode-intel, util-linux, and xz), and Ubuntu (bind9, bubblewrap, libarchive, linux-intel-iot-realtime, postgresql-14, postgresql-16, postgresql-17, postgresql-18, and xdg-desktop-portal).

Michael Catanzaro has disclosed acommand-injection vulnerability affecting a number of GTK-based PDFreaders; exploits included:

Jose Marchesi and the GCC-BPF developers opened the BPF track at the 2026Linux Storage,Filesystem, Memory-management, and BPF Summitwith a 90-minute summary of what has changed for GCC's BPF support in the past year.This kind of session has become something of a tradition. There were similarupdates in2025 and2024. This time around, GCC seems to be closing in onfeature parity with the LLVM toolchain - as the slides detail.

The OpenBSD 7.9 release isout, right on schedule. There is the usual long list of new features,including improved architecture support, CPU scheduling on heterogeneoussystems, the ability to hibernate a suspended system after a configurabledelay, socket splicing, a__pledge_open()system call giving special access to the C library, and much more. See theannouncement and the fullchangelog for details.

Gregory Price started his session in the memory-management track of the2026 Linux Storage,Filesystem, Memory Management, and BPF Summit by saying that, incurrent kernels, if a NUMA node has memory, the assumption is that anybody canmake use of it. He is trying to implement the opposite policy - to makesome memory off-limits for all processes except those designed specificallyto use it. The session was used to present his goals and to discuss howthey might be implemented.

Security updates have been issued by AlmaLinux (kernel, kernel-rt, and libsndfile), Debian (bind9, evince, firefox-esr, openjpeg2, pdns, and rsync), Fedora (erlang-cowlib, evince, expat, firefox, kernel, mingw-expat, mysql8.0, mysql8.4, nss, opencryptoki, pgadmin4, proftpd, python-django5, python-django6, python-dotenv, rsync, rust-nu, rustup, and strongswan), Oracle (nginx, nginx:1.24, ruby, ruby:3.3, and squid), Slackware (bind and rsync), SUSE (buildah, distribution, distribution-registry, docker, firefox-esr, helm, libpainter0, libsdb2_4_2, postgresql-jdbc, runc, and vim), and Ubuntu (gnutls28, gst-plugins-good1.0, jq, linux-nvidia, linux-nvidia-lowlatency, openvpn, rsync, and unbound).

Inside this week's LWN.net Weekly Edition:

"Reclaim" is the task of finding memory that can be taken away from itscurrent user and put to better uses within the system; it is a core part ofthe memory-management picture. The addition of the multi-generational LRU (MGLRU) was meant toprovide a better reclaim implementation than the "traditional LRU" thatpreceded it, but MGLRU has complicated the situation instead. No fewer thanthree memory-management-track sessions at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit were focused on MGLRU,with an eye toward integrating it more fully, improving its performance,and addressing some problems encountered with Android systems.

Security updates have been issued by AlmaLinux (kernel, libpng, nginx, nginx:1.24, ruby, and ruby:3.3), Debian (gnutls28 and linux-6.1), Fedora (dnsmasq, kernel, keylime-agent-rust, perl-Net-CIDR-Lite, python-pysam, python-urllib3, rust-cargo-vendor-filterer, rust-ingredients, rust-oo7-cli, rust-rpki, rust-sevctl, and rust-tealdeer), Mageia (bind), Oracle (bind, giflib, gimp:2.8, kernel, libpng, rsync, ruby, and vim), Slackware (haveged and mozilla), SUSE (cockpit, dnsmasq, erlang26, freeipmi, git-bug, glibc, GraphicsMagick, haveged, ImageMagick, iproute2, kernel, openssh, perl-CryptX, perl-HTTP-Tiny, postgresql14, postgresql15, postgresql16, python-Pillow, rsync, tiff, and traefik), and Ubuntu (Highlight.js, linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux-realtime, linux, linux-aws, linux-aws-fips, linux-bluefield, linux-fips, linux-gcp, linux-gcp-5.4, linux-gcp-fips, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-fips, linux-fips, linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle, linux, linux-aws, linux-aws-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-raspi, linux-raspi-realtime, linux-realtime, linux-realtime-6.8, linux, linux-aws, linux-hwe-6.17, linux-oem-6.17, linux-oracle, linux-raspi, linux-realtime, linux-realtime-6.17, and smarty3).

The OpenPGP Email Summit isan annual meeting for those who work on encrypted email and relatedtopics. The tenthinstallment of this meeting took place in March 2026 and the minuteshave now been published. As usual, a wide range of topics werediscussed. Highlights included support for post-quantum cryptography(PQC) with multiple actors planning rollouts within this year, apromising new approach for making email signatures ubiquitous with theplan of making OpenPGP signed email a default, a new draft that bringsreliable deletion (or "forward secrecy") features to OpenPGP, as wellas a plan for transferring ownership of the OpenPGP.org domain.

Version151.0 of the Firefox browser has been released. Significant changesinclude the ability to clear and restart a private-browsing session, betterfingerprinting protection, control over the apparent location when using theFirefox VPN, and more.

Many people in the Linux community began using the operating system-andcontributing to open source-at a tender age, often well beforetheir 16th birthday. Thus, a recent change in openSUSE's terms of site (ToS)that required users of the project's web site to be "at least 16years of age or the age of majority" in their jurisdiction hasraised objections. The terms have since been modified, though usersmust still have parental approval to create accounts if they areyounger than 16.

The kernel's this_cpuoperations are meant to speed access to per-CPU variables. They aremore optimal on some CPUs than others, though. During amemory-management-track session at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, Yang Shi proposed afundamental, and somewhat controversial, change to how these operationswork in order to provide better performance on a wider range of architectures.

ComputeExpress Link (CXL) is a technology intended to enable the provision of"memory nodes" in data centers that provide (possibly shared) memory tonearby CPUs. It has, Dan Williams said at the beginning of hismemory-management-track session on the topic at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, "been makingmemory-management problems worse since 2021". He used the session toprovide an overview of the ways in which CXL can be expected to extend thatrecord into the future.

There are many places in the kernel where performance can be improved byusing per-CPU data. But, as it turns out, the kernel's allocator forper-CPU data has some performance problems of its own. Harry Yoo led asession in the memory-management track of the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit to explore ways toaddress those problems and accelerate the allocation and initialization ofper-CPU data.

Security updates have been issued by AlmaLinux (libpng and nginx), Debian (erlang, netatalk, and nginx), Fedora (mod_md and SDL2_image), Mageia (perl-libwww-perl, perl-HTTP-Message, perl-WWW-Mechanize-Cached, perl-File-XDG, perl-Path-Tiny, perl-YAML-Syck, postgresql15, and rclone), SUSE (agama, alloy, cacti, cloud-init, dnsmasq, emacs, firefox, glibc, go1.25, go1.26, google-cloud-sap-agent, google-guest-agent, ibus-rime, librime, imagemagick, kernel, libsndfile, nginx, ongres-scram, ongres-stringprep, plexus-testing,, openexr, openssh, PackageKit, perl-Text-CSV_XS, php-composer2, php8, postgresql16, postgresql18, python-lxml, python-python-multipart, python3, python311-urllib3, rmt-server, rsync, tiff, tree-sitter, util-linux, and xen), and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-aws-fips, linux-azure, linux-azure-5.4, linux-azure-fips, linux-bluefield, linux-fips, linux-gcp, linux-gcp-5.4, linux-gcp-fips, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-raspi, and linux-xilinx-zynqmp).

In April, David Steele, maintainer of the popular pgBackRest backup and restore project forPostgreSQL, announced that he had archivedthe project and it would no longer be maintained due to lack ofsponsorship. On May18, he announcedthat a number of sponsors have stepped forward to ensure its continueddevelopment:

The kernel's swap subsystem is charged with managing anonymous pages insecondary storage when those pages are (hopefully) not being used and thememory they occupy is needed elsewhere. This long-unloved subsystem hasseen a resurgence of developer interest in recent times, so it is notsurprising that it was the topic of three separate sessions in thememory-management track at the2026 Linux Storage,Filesystem, Memory Management, and BPF Summit. Two of those sessionswere concerned with improving the performance and maintainability of theswap code, while one (shared with the storage track) was about how swappingcould be friendlier to solid-state storage devices.

Security updates have been issued by AlmaLinux (freerdp, gimp:2.8, jq, kernel, and rsync), Debian (chromium, ffmpeg, firewalld, kernel, nginx, openjpeg2, openssh, php7.4, and redis), Fedora (apptainer, chromium, coturn, dnsmasq, firefox, kernel, libgit2_1.8, libmetal, nginx, nginx-mod-brotli, nginx-mod-fancyindex, nginx-mod-headers-more, nginx-mod-js-challenge, nginx-mod-modsecurity, nginx-mod-naxsi, nginx-mod-vts, open-amp, perl-Net-CIDR-Lite, pgbouncer, pypy, python-jupytext, python-uv-build, rsync, rust-astral-tokio-tar, uriparser, uv, valkey, and yelp), Mageia (dpkg, firefox, thunderbird, golang, haproxy, and samba), Slackware (dnsmasq and kernel), and SUSE (apache-commons-configuration2, apache2, apptainer, chromedriver, cups-filters, curl, dnsmasq, expat, ffmpeg-4, ffmpeg-7, firebird, firewalld, flux2-cli, glibc, go1.25, go1.26, gosec, grub2, ImageMagick, java-11-openj9, java-17-openj9, java-1_8_0-openj9, java-1_8_0-openjdk, java-21-openj9, java-25-openj9, kdenlive, kernel, kernel-devel, keylime-config, krb5, libIex-3_4-33, mozjs115, mozjs78, nginx, openssh, openvswitch, ovmf, PackageKit, perl-Crypt-URandom, perl-CryptX, perl-libwww-perl, perl-Net-CIDR-Lite, perl-Text-CSV_XS, podman, postgresql17, postgresql18, python-pyOpenSSL, python310, rsync, sed, tekton-cli, valkey, xen, and zypper-docker).

The 7.1-rc4 kernel prepatch is out fortesting.

We have receivedword that Peter G. Neumann, who, among many other things, ran the RISKS Digest for decades, haspassed away. He will be much missed.Update: the New York Times has published anobituary of Dr. Neumann.

The 7.0.9,6.18.32,6.12.90, and6.6.140 stable kernels have been released.Each contains yet another set of important fixes.

Roman Gushchin began his session in the memory-management track of the2026 Linux Storage,Filesystem, Memory Management, and BPF Summit by saying that thecommunity has seen a lot of proposals adding BPF-based interfaces formemory management. None of them have made their way into the mainline,though. He wanted to explore the ways in which BPF might be helpful andthe obstacles that have kept BPF-based solutions out so far. This sessionwas followed by a discussion led by Shakeel Butt on what the requirementsfor a new, BPF-based interface for memory control groups might look like.

Greg Kroah-Hartman has announced the 7.0.8, 6.18.31, 6.12.89, 6.6.139, 6.1.173, 5.15.207, and 5.10.256 stable kernels. These kernelscontain a patch for CVE-2026-46333a vulnerability reportedby the Qualys Security Advisory team, though Jann Horn proposeda patch in 2020. The vulnerability has a proof-of-conceptexploit published already. Some of the kernels have additionalpatches for other bugs; as always, users are advised to upgrade.

Recent times have seen a lot of effort put into the implementation of the kexec handover and live update orchestratorfeatures in the Linux kernel. But that work is not yet complete. At the2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, Pratyush Yadav led amemory-management-track session on adding the ability to preserve hugetlbfs-providedmemory during the live-update process.

Security updates have been issued by Debian (ffmpeg, gsasl, nodejs, postgresql-15, postgresql-17, python3.9, and thunderbird), Fedora (expat, firefox, freerdp, GitPython, kernel, php, rust-podman-sequoia, rust-rpm-sequoia, rust-sequoia-chameleon-gnupg, rust-sequoia-git, rust-sequoia-keystore-server, rust-sequoia-octopus-librnp, rust-sequoia-openpgp, rust-sequoia-sop, rust-sequoia-sq, and rust-sequoia-sqv), Mageia (awstats, libreoffice, perl-HTTP-Tiny, and tomcat), Oracle (corosync, freerdp, gimp, git-lfs, glib2, jq, kernel, krb5, libsoup3, libtiff, openexr, thunderbird, uek-kernel, and yggdrasil), Red Hat (podman and skopeo), SUSE (amazon-ssm-agent, avahi, c-ares, cairo, containerd, cpp-httplib, dnsmasq, dovecot24, ffmpeg-4, firefox, helm, ImageMagick, iproute2, kernel, krb5, libtpms, ongres-scram, ongres-stringprep, plexus-testing, maven, maven-doxia, mojo-parent, sisu, openCryptoki, openssh, perl-Text-CSV_XS, php8, python-lxml, python-Twisted-doc, python311-click, python311-GitPython, rclone, regclient, and syncthing), and Ubuntu (avahi).

The kernel's control-groupsubsystem works well for resource management, Chris Li said at thebeginning of his memory-management-track session at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit. Control groups workless well for other use cases, though. He was there to present hisproposed enhancement, called "policy groups", that would address some ofthe shortcomings that he has encountered. A consensus on how this featureshould look still seems distant, though.

In back-to-back sessions at the start of the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit (which spilled over intoa third slot), the atomic-buffered-writesfeature was discussed. In the first session, Pankaj Raghav and AndresFreund set the stage with an introduction to the problem, along with a usecase for its solution: the PostgreSQL database system. In the second, Ojaswin Mujoodescribed a potential way forward for the feature using an approach basedon writethrough, which effectively means that the kernel immediately writesthe data to disk instead of waiting for writeback from the page cache to occur. As might beexpected, there was quite a bit of discussion among the assembledfilesystems and storage developers during the combined sessions for thosetracks.

Greg Kroah-Hartman has announced the release of the 7.0.7, 6.18.30, and 6.12.88 stable kernels. These kernels donot include a patch for the Fragnesialocal-privilege-escalation exploit that came to light onMay13, but do include many other important fixes throughout thetree. Users are, as always, advised to upgrade.

The kernel's reverse-mapping machinery is charged with locating thepage-table entries that refer to a given page in memory. The reversemapping of anonymous pages is handled differently than for file-backedpages. The kernel's implementation of reverse mapping for anonymous pagesis, according to Lorenzo Stoakes in his proposalfor a memory-management-track session at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, "a very brokenabstraction", due to its complexity. It also has some performanceproblems. Stoakes was there to present, in raw form, a proposedreplacement that he calls a "COW context".

Security updates have been issued by AlmaLinux (gimp, jq, and yggdrasil), Debian (nghttp2 and thunderbird), Fedora (chromium, firefox, freerdp, GitPython, kernel, kernel-headers, krb5, nano, nix, nodejs20, php, python-click, python-django5, SDL2_image, and xen), Mageia (dnsmasq, flatpak, kernel, kmod-virtualbox, kernel-linus, perl-Net-CIDR-Lite, perl-XML-LibXML, and redis), SUSE (dnsmasq, firefox, jupyter-jupyterlab, kernel, krb5, libvinylapi3, log4j, Mesa, mozjs60, NetworkManager, OpenImageIO, python-Mako, python-Pillow, and python39), and Ubuntu (dnsmasq and nginx).

Inside this week's LWN.net Weekly Edition:

A push by Red Hat employees to create a Fedora "AI DeveloperDesktop" with support for out-of-tree kernel drivers and AI toolkitshas been met with objections from some long-time members of the Fedoracommunity. After more than a month of sometimes heated discussion, theFedoraCouncil had votedto approve the initiative; however, a last-minute change to vote against theproposal by council member Justin Wheeler has (at least temporarily)sent it back to the drawing board.

Sam James has sent an announcementto the OSS Security mailing list about anotherlocal-privilege-escalation (LPE) exploit in the same class as Dirty Frag, called"Fragnesia". From the disclosure:

When Brendan Jackman proposeda session for the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, his topic was "apagetable library for the kernel". During the actualmemory-management-track session, though, he stated that the idea had"fizzled" and he was going to cover related topics instead. Whatresulted was a session on ways to efficiently manage pages that are notpresent in the kernel's direct map.

Linux can share memory between processes, but each process (almost always)has its own set of page tables. In situations where vast numbers ofprocesses are sharing a memory region, the combined size of the pagetables can exceed that of the shared memory itself. There has, thus, longbeen an interest in enabling unrelated processes to share page tablesreferring to shared memory. Anthony Yznaga is the latest developer to tryto push this idea (known as "mshare") forward; he described the status ofthat work in a memory-management-track discussion at the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit (LSFMM+BPF).

Security updates have been issued by AlmaLinux (corosync, freerdp, git-lfs, glib2, jq, kernel-rt, krb5, libpng, libtiff, openexr, and thunderbird), Debian (exim4), Mageia (apache, perl-Gazelle, php, and sed), Slackware (expat), SUSE (assimp-devel, go1.26, libQt6Svg6, python-jupyterlab, raylib, thunderbird, tor, and trivy), and Ubuntu (exim4).

The KDE project has announcedthat it has been awarded over 1million from the Sovereign Tech Fundto improve its desktop-environment software. "The investment will beused to strengthen the structural reliability and security of KDE's coreinfrastructure, including Plasma, KDE Linux, and the frameworks underlyingits communication services."

The kernel's dma-bufsubsystem provides a way for drivers to share memory buffers, usuallyin order to support efficient device-to-device I/O. At the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, Pavel Begunkov, assistedby Kanchan Joshi, led a joint session of the storage and memory-managementtracks to explore ways to make the use of dma-bufs more efficient yet, andto make them available for read and write operations initiated by userspace.

As a general rule, when developers talk about huge pages, they arereferring to PMD-level pages that are 1MB or 2MB in size, depending on theCPU architecture. Most CPUs can support other huge-page sizes, though. Onx86 systems, PUD-level huge pages hold 1GB of data. Providing such largepages transparently to processes has generally not been considered aseither feasible or desirable, but Usama Arif is trying to change thatassessment. At the 2026 Linux Storage,Filesystem, Memory Management, and BPF Summit, he led a session in thememory-management track on how to make transparent huge pages (THPs) trulyhuge.

Security updates have been issued by AlmaLinux (freerdp, glib2, libsoup3, and openexr), Debian (dnsmasq, p7zip, p7zip-rar, python-authlib, and rails), Fedora (chromium, firefox, httpd, and nss), SUSE (java-25-openj9, krb5, libmodsecurity3, and mcphost), and Ubuntu (imagemagick, linux, linux-aws, linux-aws-fips, linux-aws-hwe, linux-azure-4.15, linux-fips, linux-gcp, linux-gcp-4.15, linux-gcp-fips, linux-hwe, linux-kvm, linux-oracle, linux-azure, linux-azure-fips, linux-oracle, linux-azure-5.15, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, and linux-raspi).

Daniel Stenberg has published a lengthyarticle on his thoughts on Anthropic's Mythos, which the companydecided was too dangerous for wide public release.

Greg Kroah-Hartman has released the 7.0.6 and 6.18.29 stable kernels with HyunwooKim's patchfor the second vulnerability (CVE-2026-43500)reported with DirtyFragand CopyFail2. Allusers are advised to upgrade.

Some CPU architectures are able to run with a number of different base-pagesizes; using a larger size can often result in better performance at thecost of increased memory use. Other architectures are more limited. Atthe 2026 LinuxStorage, Filesystem, Memory Management, and BPF Summit, two sessions inthe memory-management track explored options for letting processes run with64KB page sizes when the underlying kernel does not. The first was focusedon letting each process have its own page size, while the second concernedbringing 64KB pages to x86 systems.

Paul Gevers has slipped an interesting bit of news into a "bits from the releaseteam" message:

Security updates have been issued by AlmaLinux (corosync, freeipmi, kernel, and kernel-rt), Debian (corosync, firefox-esr, kernel, lcms2, libpng1.6, linux-6.1, php8.2, php8.4, postorius, pyjwt, and tor), Fedora (dotnet10.0, exim, gnutls, kernel, nextcloud, nodejs22, php, proftpd, prosody, python-pulp-glue, python-requests, rclone, and SDL3_image), Mageia (firefox, nss, rootcerts, openvpn, thunderbird, and vim), Oracle (corosync, freeipmi, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good, kernel, libpng, and mingw-libtiff), Slackware (kernel and mozilla), SUSE (build, product-composer, c-ares, cairo, copacetic, distribution, firefox, firefox-esr, frr, glibc, go1.25, google-cloud-sap-agent, iproute2, java-11-openj9, java-17-openj9, java-17-openjdk, java-1_8_0-openj9, java-21-openj9, java-21-openjdk, java-25-openjdk, kernel, libexif-devel, libpcp-devel, libtpms, libtree-sitter0_26, Mesa, micropython, mozjs128, nginx, opencc, openCryptoki, php-composer2, podman, postfix, python-pytest, python311-Django, python311-Django4, redis, semaphore, strongswan, terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid, tor, valkey, vim, and wireshark), and Ubuntu (linux-nvidia-tegra, linux-raspi, linux-raspi-5.4, and nasm).

Linus has released 7.1-rc3 for testing."I think this answers the 'is 7.1 continuing the larger size patternthat we saw with 7.0?' question, and the answer is yes: that wasn't a flukebrought on by a .0 release - it simply seems to be the new normal."

Greg Kroah-Hartman has released the 6.1.171, 5.15.205, and 5.10.255 stable kernels, quicklyfollowed by 6.1.172 and 5.15.206 kernels. This is another roundof stable kernels to provide fixes for one of the CVEs (CVE-2026-43284)assigned following the DirtyFrag and CopyFail2security disclosures. There is not, yet, a stable kernel with a fixfor CVE-2026-43500,though apatch to fix the second half is in the works.