Linux Kernel 6.6.136 LTS has been released, featuring significant patches aimed at enhancing memory safety within the networking stack and file system drivers, particularly addressing out-of-bounds writes and use-after-free vulnerabilities. This update includes critical fixes for the ksmbd driver and OCFS2, which mitigate risks associated with malicious clients and prevent kernel panics during filesystem operations. Additionally, virtualization improvements target KVM MMIO fragment handling, while networking enhancements introduce stricter validation checks to thwart race condition exploits. The release also improves hardware support, correcting driver lifecycle management for media devices and addressing audio quirks in various laptop models
Linux Kernel 6.6.136 released
Linux Kernel 6.6.136 LTS drops a heavy batch of patches aimed at closing memory safety holes in the networking stack and file system drivers. The update specifically targets out-of-bounds writes and use-after-free conditions in ksmbd, OCFS2, F2FS, and NTFS3 that could trigger kernel panics or leak sensitive data to untrusted clients. Virtualization gets a targeted fix for KVM MMIO fragment handling, while networking receives stricter validation checks for rxrpc tickets and packet socket headers to prevent race condition exploits. Hardware support rounds out the release with corrected driver lifecycle management for media devices and fresh audio quirks for several modern laptops and desktops.
