Linux Kernel Daily: Critical Subsystem Fixes and Security Updates

Linus Torvalds merged 10 major fix collections addressing critical issues across VFS, KVM, filesystem corruption, and x86 boot crashes. The updates include memory safety fixes, performance regressions, and security vulnerabilities in core kernel components.

2026-03-30T10:01:00Z

Duration: PT2M12S

https://podlog.io/listen/linux-kernel-daily-497a9976/episode/linux-kernel-daily-critical-subsystem-fixes-and-security-updates-cbaff681

Transcript

Good morning. This is Linux Kernel Daily for March 30th, 2026.

Today brought significant stability updates with Linus Torvalds merging 10 major fix collections targeting critical subsystems.

The VFS fixes from Christian Brauner address several memory safety issues, including a NULL pointer dereference in netfs unbuffered writes and kernel BUG fixes in iterator handling for 9P filesystems. Notable is the fix for suspend-to-RAM hangs in fuse-overlayfs by introducing a new superblock flag for filesystems without data integrity guarantees.

Paolo Bonzini's KVM fixes tackle shadow paging vulnerabilities where userspace modifications to guest page tables could confuse KVM's memory management. The s390 KVM updates resolve multiple issues in the newly rewritten gmap code affecting nested guest handling.

Ted Ts'o delivered 27 ext4 fixes addressing Syzkaller-reported issues, memory leaks, and corruption handling. Key fixes include preventing crashes during discard operations and resolving race conditions in inode reallocation that could cause deadlocks.

Ingo Molnar's x86 urgent fixes resolve early boot crashes in AMD SEV-SNP guests due to incorrect FSGSBASE initialization ordering. The updates also fix FRED-related boot failures in secure execution environments.

Additional subsystem fixes came through for DMA engine drivers with extensive IDXD memory leak fixes, PHY driver corrections for Qualcomm and TI hardware, I2C timeout issues, and IRQ handling bugs in Qualcomm and Renesas controllers.

Overlayfs received performance regression fixes, reverting a problematic behavior change from version 6.12 that impacted Google COS workloads. The fix introduces an opt-in mount option for metadata copy-up synchronization.

What's next: These fixes target the 7.0-rc6 release cycle, indicating final stabilization before the mainline release. Additional architecture-specific fixes may follow as testing continues on the updated codebase.

That's your kernel update for today. Stay tuned for tomorrow's developments.