Linux Kernel: The RC3 Security Sweep

The lead-up to Linux 7.2-rc3 was dominated by memory-safety fixes across staging, USB, tracing, and TPM subsystems, with several out-of-bounds reads, use-after-frees, and a positional-I/O security hole all addressed in the same window.

Duration: PT2M45S

Episode overview

This episode is a short developer briefing from Linux Kernel.

It explains recent repository work in plain language.

  • Show: Linux Kernel
  • Published: 2026-07-13T13:10:54Z
  • Audio duration: PT2M45S

Transcript excerpt

This excerpt keeps the crawler page concise. Listen to the episode or use the RSS feed for the full update.

This is Linux Kernel briefing for July 13th, 2026.

The headline this cycle is memory safety. Across nearly every subsystem pull, the fixes converge on the same category of bug: out-of-bounds reads and writes, and use-after-frees, many of them reachable by untrusted input.

Start with staging, in commit 940d91c. The rtl8723bs WiFi driver got a long run of fixes for out-of-bounds reads and one heap buffer overflow, all triggered when the device connects to a malicious or malformed wifi access point. That's a real attack surface — a hostile network, not just a buggy driver.

The same pattern shows up in char-misc, commit bffa972, where both the C and Rust binder implementations needed use-after-free fixes in transaction handling and thread release. Notably, the Rust binder code needed its own separate set of fixes alongside the C version — a reminder that rewriting a subsystem in a…

USB, in commit 534f8f0, continued the trend: a use-after-free in the chaoskey driver, a length check missing from RNDIS gadget headers that a malicious host could exploit, and a disconnect use-after-free in the USB IO driver. Fifty-six commits, but the throughline is defensive validation against untrusted USB…

T…

Nearby episodes from Linux Kernel

  1. Weekly Recap - Late-Cycle Fix Convergence Across Subsystems
  2. Late-Cycle Bug Sweep Across Storage and Core Subsystems
  3. A Week of Race Conditions and Bounds Checks
  4. Session Security and Network Hardening
  5. Memory Management Hotfix Sweep
  6. RC2 Cleanup Wave
  7. Weekly Recap - Post-Merge Window Fixes Across the Stack
  8. Two Architecture Fix Pulls Land