📬 Open Source & Linux Weekly - W19_2026
Two root exploits in eight days forced 12 emergency kernel releases. Warp goes AGPL. Linux Foundation tackles 10 trillion package downloads.
What I Wrote this Week
More Than 5 Million Users Trust 24 Unpaid Volunteers With Their Operating System
They have no installer, budget, or corporation behind them. By every business metric, they should be dead. They are not.
Medium Link | Canartuc.com Link
Zuckerberg’s Open Source Manifesto Lasted 21 Months with One Billion Downloads
Zuckerberg promised open source AI in 2024. One billion downloads later, Meta shipped a closed model. What happened in between is older than AI.
Medium Link | Canartuc.com Link
Linux 7.1: Kicinski Called It ‘LLM-pocalypse.’ Then Deleted 138,000 Lines.
The Linux networking maintainer wrote about an ‘LLM-pocalypse’ in the same pull request that deleted 138,000 lines from the kernel.
Medium Link | Canartuc.com Link
This week: two Linux kernel root exploits from the same bug class landed eight days apart, after the underlying flaws had sat unnoticed for up to nine years; Warp terminal finally open-sourced its client after years of promises and picked AGPL, the license everyone argues about; and the Linux Foundation formed a working group to fund package registries serving 10 trillion downloads a year, while the companies consuming those downloads sat quietly in the corner.
Welcome back. Today, we have several important topics. I wrote a dedicated premium article about Kernel security and will publish it on May 12th, 2026, on Medium and Canartuc.com. Don't forget to subscribe!
First, a security researcher named Hyunwoo Kim asked a question that other researchers had skipped, and that single question turned one bug into a class of bugs.
Second, the eight-day double tap. Two exploits with thriller names, CopyFail and Dirty Frag, shipped back to back, and a maintainer named Greg (shame on you if you don't know him) put out twelve emergency releases in three days while most of you slept.
Third, a quieter proposal from a stable kernel co-maintainer that lets administrators turn off broken parts of the kernel at runtime, no reboot. A kill switch for a building that keeps catching fire.
While the security people were firefighting, someone else finally said out loud that 10 trillion package downloads a year cannot be sustained on credit-card donations. Same pattern. Different room.
A root exploit is the worst kind. You start as a normal user. A normal account. The kind of access you get from a stolen password, a hacked website, or a lazy support ticket. And in one move, you become the person who owns the whole machine. Every file, secret, keystroke... is yours.
That's what we're talking about today. Two of them. In eight days. On Linux.
Both bugs come from the same broken assumption. A shortcut the kernel has trusted since 2017 to move data around quickly. The shortcut works fine in the place it was designed for. The problem is that the kernel kept reusing it everywhere else. And the maintainers never went back to check whether the assumption still held in those other places.
For nine years, no kernel reviewer walked the hallway and tried every door.
This month, somebody did. A security researcher named Hyunwoo Kim.
Day one. The first bug got a name: CopyFail. A working exploit small enough to fit inside a single email; the whole attack, start to finish, is less text than a polite reply to a meeting invite. The United States federal government looked at it and gave its agencies fourteen days to patch. Fourteen days. That is how serious it is. CopyFail sits on the federal catalog of bugs confirmed to be used in real attacks, against real machines. Already happening.
Then, eight days later, the second one drops. Dirty Frag. And this one didn't even make it onto the schedule the kernel team wanted. Somebody outside the disclosure chain reverse-engineered it and released the details before the patch was ready.
Picture that for a second. You're a kernel maintainer. The first emergency just ended. You haven't slept properly in a week. And the second emergency is already public, with no fix in sight.
This is where Greg comes in. Greg, the maintainer who keeps stable Linux running. Real name Greg Kroah-Hartman, but inside the kernel world, he's just Greg. He's been doing this for two decades. In three days, Greg shipped twelve emergency Linux releases.
Across seven different stable branches... Twelve releases... Three days... One person at the center of it.
Most of you running Linux infrastructure had no idea this was happening. Greg knew. Another maintainer named Sasha knew. A handful of other engineers were already pulling overnight shifts.
So how does the rest of the industry catch up? That's where the third piece comes in. The same Sasha I just mentioned, a stable kernel co-maintainer, submitted a proposal built on one assumption: we cannot patch fast enough anymore.
The proposal is small. It allows a system administrator to turn off broken parts of the kernel at runtime. No reboot. Just flip a switch, and the broken part goes dark. The rest keeps running while you wait for the actual fix.
That's a kill switch on the kernel. The people who maintain Linux are quietly building emergency stop buttons because the patch cycle has been unable to keep up with the disclosure cycle.
The second piece of bad news ran in parallel.
In the same week the kernel was firefighting, a different group at the Linux Foundation finally said out loud what registry operators have been warning about for years. Ten trillion downloads a year... One billion downloads per hour... Run by tiny teams on credit-card donations.
🤓 If you need me, I will be blacklisting kernel modules I did not know existed, explaining to procurement why AGPL is not actually a biohazard, and refreshing the Steam store page for a controller restock that Valve swears is coming. Rather than reading a book, I'll be reading the kernel mailing list past midnight, scrolling like it's a horror novel I can't put down.
I'll see you next time.
🐧 Linux
Dirty Frag Drops Two Kernel Root Exploits, Breaks Embargo, Hits Every Major Distro
Security researcher Hyunwoo Kim published full documentation and a proof-of-concept exploit for Dirty Frag on May 7 after an unrelated third party independently reverse-engineered the exploit and broke the coordinated disclosure embargo. Dirty Frag chains CVE-2026-43284 (xfrm-ESP, present since 2017) and CVE-2026-43500 (RxRPC, present since 2023) to achieve deterministic root on Ubuntu, RHEL, Fedora, openSUSE Tumbleweed, AlmaLinux, CentOS Stream, and more. No race condition required. No kernel panic on failure. One command. The ESP patch merged upstream May 7. The RxRPC patch remains pending. Until it lands, blacklisting the rxrpc kernel module is the only mitigation for that half, but doing so breaks AFS: the in-kernel kafs client is built on AF_RXRPC, so a blocked rxrpc means no AFS mounts. Microsoft reported limited in-the-wild activity consistent with Dirty Frag or CopyFail being used as a post-compromise privilege-escalation step. This is the second page-cache root exploit in eight days, following CopyFail.
CISA Adds CopyFail to KEV Catalog With May 15 Federal Patch Deadline
CISA added CopyFail (CVE-2026-31431) to its Known Exploited Vulnerabilities catalog on May 1 with a federal remediation deadline of May 15 under Binding Operational Directive 22-01. Active exploitation in the wild is confirmed. The CVSS score is 7.8. Every mainstream Linux distribution shipping kernels from 2017 onward is affected, and the 732-byte Python PoC is publicly available. Patched stable kernels are available across all major branches. The May 15 deadline, combined with Dirty Frag landing on May 7, means federal agencies face two kernel privilege-escalation vulnerabilities requiring patching inside the same change window. Most regulated environments will merge both into a single kernel rotation.
Greg Kroah-Hartman Ships 12 Stable Kernels in Three Days Across Seven Branches
Greg Kroah-Hartman released multiple waves of stable kernels from May 7 through May 9 to address the Dirty Frag ESP component and CopyFail backports. The May 7 batch: 7.0.4, 6.18.27, 6.12.86. The May 8 follow-up: 7.0.5, 6.18.28, 6.12.87, 6.6.138, 5.10.255, 5.15.205, 6.1.171. The May 9 round: 5.15.206, 6.1.172. Twelve kernel releases in three days, covering seven branches. For distribution maintainers, this is two privilege-escalation patches across the full supported kernel matrix in one change window. The operational question for platform teams: merge CopyFail and Dirty Frag into a single kernel rotation, or run two separate rotations.
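Before deciding on one rotation or two, platform teams need an answer per host: is the running kernel at or above the release that carried the backports for its branch, and is rxrpc, the half with no patch yet, even loaded? The script below is an added example written for this newsletter, not code from the kernel project or any distribution. The per-branch floor table is an assumption taken from the release list above (the latest release in each branch is assumed to carry both backports); confirm it against your distribution's advisory, since distro kernels carry their own version strings and backport numbering. The module listing it checks is a constructed sample, not captured from a real host.

```sh
#!/bin/sh
# Added example for this newsletter; not kernel or distribution code.
# Checks a kernel version against an assumed per-branch fixed floor, reports
# whether rxrpc is loaded, and emits the modprobe rule that keeps it out.

# ASSUMPTION: the latest release per branch in the May 7-9 batches carries both
# the CopyFail and Dirty Frag ESP backports. Verify against your distro advisory.
FLOORS="7.0:7.0.5 6.18:6.18.28 6.12:6.12.87 6.6:6.6.138 6.1:6.1.172 5.15:5.15.206 5.10:5.10.255"

# ver_ge A B: returns 0 when dotted version A >= B, comparing field by field as integers.
ver_ge() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai=${a%%.*}; bi=${b%%.*}
        if [ "$a" = "$ai" ]; then a=''; else a=${a#*.}; fi
        if [ "$b" = "$bi" ]; then b=''; else b=${b#*.}; fi
        ai=${ai%%[!0-9]*}; bi=${bi%%[!0-9]*}   # keep only the leading digits of each field
        ai=${ai:-0}; bi=${bi:-0}
        [ "$ai" -gt "$bi" ] && return 0
        [ "$ai" -lt "$bi" ] && return 1
    done
    return 0
}

# kernel_patched VERSION: 0 = at or above the branch floor, 1 = below it,
# 2 = branch not in the table (unknown; treat as unpatched until checked).
kernel_patched() {
    v=${1%%-*}          # drop "-generic", "-arch1" and similar suffixes
    v=${v%%+*}
    br=${v%.*}          # "6.12.87" -> "6.12"
    for entry in $FLOORS; do
        if [ "${entry%%:*}" = "$br" ]; then
            if ver_ge "$v" "${entry#*:}"; then return 0; else return 1; fi
        fi
    done
    return 2
}

# rxrpc_loaded LISTING: 0 when an lsmod / /proc/modules style listing shows rxrpc loaded.
rxrpc_loaded() {
    printf '%s\n' "$1" | grep -q '^rxrpc[[:space:]]'
}

# rxrpc_block_conf: the modprobe.d fragment. "blacklist" alone only stops autoload
# through the module's own aliases (the load a socket(AF_RXRPC, ...) call triggers);
# the "install" line also fails an explicit "modprobe rxrpc" or a load pulled in as a
# dependency of kafs. Either way, AFS stops working while this is in place.
rxrpc_block_conf() {
    printf 'blacklist rxrpc\ninstall rxrpc /bin/false\n'
}

# Constructed /proc/modules-style sample for offline use, not captured from a real host.
SAMPLE_MODULES='kafs 421888 2 - Live 0x0000000000000000
rxrpc 290816 1 kafs, Live 0x0000000000000000
esp4 28672 0 - Live 0x0000000000000000'

# report: run the checks against this host (uses uname and /proc/modules when present).
report() {
    running=$(uname -r 2>/dev/null)
    kernel_patched "$running" && rc=0 || rc=$?
    case $rc in
        0) echo "kernel $running: at or above the assumed fixed floor for its branch" ;;
        1) echo "kernel $running: BELOW the fixed floor, schedule the update" ;;
        *) echo "kernel $running: branch not in table, check your distribution advisory" ;;
    esac
    if rxrpc_loaded "$(cat /proc/modules 2>/dev/null)"; then
        echo "rxrpc is loaded: unmitigated until the RxRPC patch lands (blocking it breaks AFS)"
    else
        echo "rxrpc not loaded; to keep it out, write this to /etc/modprobe.d/rxrpc-block.conf:"
        rxrpc_block_conf
    fi
}

report
```

The floor table is the weak point, deliberately: on distributions that rebase rarely and backport by patch rather than by version (Debian's 6.1.0-NN, RHEL's 5.14.0-NNN), the upstream version string says nothing about whether the fix is in, and the advisory is the only source of truth. The rxrpc half is the other caveat: the conf fragment is only worth applying on hosts that do not mount AFS.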
Sasha Levin Proposes Kernel Killswitch to Disable Vulnerable Code Paths at Runtime
Sasha Levin, NVIDIA engineer and Linux stable kernel co-maintainer, submitted a patch proposing a killswitch mechanism for the Linux kernel. The mechanism allows administrators to disable vulnerable kernel functions at runtime via the securityfs interface, causing targeted functions to return an error instead of executing. No reboot required. The proposal targets lesser-used code paths, including AF_ALG (CopyFail's attack surface), ksmbd, nf_tables, vsock, and ax25. The patch includes a self-test blocking the exact AF_ALG pathway CopyFail exploits. This is not live patching. It blocks vulnerable code from running until a proper kernel update ships. CopyFail sat in AF_ALG for nine years. Dirty Frag sat in ESP for nine years and in RxRPC for three.
Mesa 26.1 Ships 40+ Vulkan Extensions While VirGL Gets Declared Unmaintained
Mesa 26.1 shipped May 6 with the largest Vulkan extension batch in a single release cycle. Over 40 new extensions land across RADV, ANV, Turnip, PanVK, and v3dv drivers, including present timing, memory management, and advanced rendering capabilities. Intel's Iris, Crocus, and ANV drivers gained VirtIO-GPU native-context support for GPU paravirtualization in VMs. PowerVR GPUs reach OpenGL ES 2.0 through Zink. Low-latency encode/decode lands for RADV Vulkan Video. The removal threat: VirGL (accelerated graphics in virtualized environments via virglrenderer) is formally declared unmaintained and may be removed in a future release unless someone steps up. For anyone running VM GPU acceleration through VirGL, the VirtIO-GPU native-context path through Intel drivers is where the project is pointing you.
Steam Controller Launches at $99, Sells Out in 30 Minutes, Breaks Steam Servers
Valve's new Steam Controller launched May 4 at $99 and sold out in 30 minutes, crashing the Steam store under the weight of simultaneous orders. Valve confirmed a restock timeline is coming. Reviews sit around 83% aggregate, with the TMR thumbsticks (eliminating stick drift at the hardware level), dual trackpads with haptic feedback, 6-axis gyroscope with Grip Sense, and 35+ hours of battery life getting consistent praise. On Linux, setup works out of the box on distributions running the updated Steam Client. Scalpers are already listing units at $300+ on eBay. Steam on Linux held at 4.52% market share in April.
PCIe 8.0 Draft 0.5 Targets 1 TB/s Bidirectional Bandwidth by 2028
PCI-SIG released the PCIe 8.0 specification draft 0.5 to members on May 6, completing the first official draft ahead of schedule. PCIe 8.0 targets 256 GT/s raw transfer rates and up to 1.0 TB/s bidirectional bandwidth in an x16 configuration, an 8x improvement over PCIe 5.0. PAM4 signaling. Backward compatible. Final specification on track for 2028. When accelerators and NVMe drives built for it ship, the bus between GPU and storage determines whether a training run finishes in hours or days. PCIe 8.0 is the difference between the two. For Linux kernel developers, PCIe 8.0 support will require PCI subsystem, DMA engine, and IOMMU updates, and the kernel work will start during the 7.x or 8.x cycle.
PostgreSQL Graviton4 Regression Hits Day 36 With No Upstream Fix
The PostgreSQL throughput regression on AWS Graviton4 under PREEMPT_LAZY, first reported by AWS engineer Salvatore Dipietro on April 3, reached day 36 with no upstream fix. On 96-vCPU Graviton4 instances, PostgreSQL throughput drops to roughly half of what prior kernel versions delivered. 55% of CPU time burns inside the StrategyGetBuffer spinlock because, under PREEMPT_LAZY, a backend taking a minor page fault can be preempted mid-fault while it holds that lock, and every other backend spins on it. The upstream position: PostgreSQL should adopt the RSEQ time-slice extension rather than the kernel reverting. PostgreSQL's RSEQ adoption timeline is measured in release cycles, not weeks. PostgreSQL 19 is planned for September 2026, but whether RSEQ support makes that release is unclear. AWS Graviton4 PostgreSQL operators need a solution now. Huge pages (2 MB or 1 GB) remain the only workaround, since backing shared_buffers with huge pages removes most of the minor faults that trigger the problem. If the regression survives 7.1-rc3 (expected May 10), it carries into the mid-June 7.1 stable release.
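Applying the huge-page workaround has one ordering trap: with huge_pages = on, PostgreSQL refuses to start unless the kernel pool already holds enough pages, and with huge_pages = try it silently falls back to 4 KB pages and the regression stays. The script below is an added example for this newsletter, not PostgreSQL or kernel code; it sizes the pool from shared_buffers and prints the two config fragments to apply. The 5% headroom is an assumption about how far the total shared segment runs over shared_buffers; on PostgreSQL 15 and later the exact figure comes from postgres -C shared_memory_size_in_huge_pages, which this offline example cannot call.

```sh
#!/bin/sh
# Added example for this newsletter; not PostgreSQL or kernel code.
# Sizes the kernel huge-page pool for a PostgreSQL instance and prints the
# postgresql.conf and sysctl settings, so shared_buffers is backed by 2 MB
# (or 1 GB) pages rather than 4 KB pages that fault in one at a time.

# size_to_bytes SIZE: parses a PostgreSQL-style size ("8GB", "512MB", "16384kB") into bytes.
size_to_bytes() {
    num=${1%%[!0-9]*}
    unit=${1#"$num"}
    [ -n "$num" ] || return 1
    case $unit in
        ''|B)   mult=1 ;;
        kB|KB)  mult=1024 ;;
        MB)     mult=$((1024 * 1024)) ;;
        GB)     mult=$((1024 * 1024 * 1024)) ;;
        TB)     mult=$((1024 * 1024 * 1024 * 1024)) ;;
        *)      return 1 ;;
    esac
    echo $((num * mult))
}

# hugepages_for SHARED_BUFFERS PAGE_SIZE: huge pages to reserve, rounded up.
# ASSUMPTION: the total shared segment runs a few percent over shared_buffers
# (buffer descriptors, WAL buffers, lock tables); 5% headroom is used here.
# On PostgreSQL 15+, prefer the exact value from:
#   postgres -D "$PGDATA" -C shared_memory_size_in_huge_pages
hugepages_for() {
    sb=$(size_to_bytes "$1") || return 1
    ps=$(size_to_bytes "$2") || return 1
    need=$((sb + sb / 20))
    echo $(( (need + ps - 1) / ps ))
}

# render_config SHARED_BUFFERS PAGE_SIZE POSTGRES_GID: prints the settings to apply.
# Apply the sysctl fragment first (sysctl --system), then restart PostgreSQL.
render_config() {
    pages=$(hugepages_for "$1" "$2") || return 1
    cat <<EOF
# postgresql.conf
shared_buffers = $1
huge_pages = on          # 'on' fails to start without the pool; 'try' falls back to 4 KB pages silently
huge_page_size = $2      # PostgreSQL 15+; 1GB pages also need hugepagesz=1G on the kernel command line

# /etc/sysctl.d/90-postgres-hugepages.conf
vm.nr_hugepages = $pages
vm.hugetlb_shm_group = $3    # only matters for SysV shmget(SHM_HUGETLB); harmless for mmap-based segments
EOF
}

# Example call: a 64 GB buffer pool on 2 MB pages, postgres group id 26 (assumed).
render_config 64GB 2MB 26
```

Two operational notes. Reserving the pool on a busy host can fail because vm.nr_hugepages needs physically contiguous memory; check /proc/sys/vm/nr_hugepages after applying and set it at boot (or in the kernel command line) if the count comes up short. And 1 GB pages must be reserved at boot with hugepagesz=1G hugepages=N, since they cannot be assembled from fragmented memory at runtime.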
Linux VFS Maintainers Set Requirements for New Filesystems After Proliferation Burden
The growing number of filesystems in the Linux kernel source tree pushed VFS maintainers to publish formal requirements for getting new filesystems accepted upstream. The documentation, triggered by recent proposals for FTRFS and VMUFAT, focuses on adoption, testability, user-space utility support, maintainer commitment, and user base viability. It encourages developers to extend existing filesystems when possible and to use FUSE for niche use cases. This is the VFS team saying: we cannot keep maintaining abandoned filesystems that no one tests, so prove yours is different before proposing it.
EndeavourOS Titan Neo Ships with KDE Plasma 6.6.4 and NVIDIA Login Fix
EndeavourOS Titan Neo shipped May 1 as a polished ISO refresh bringing KDE Plasma 6.6.4, KDE Gear 26.04, Linux kernel 6.19.14, Firefox 150, Mesa 26.0.5, and NVIDIA 595.58.03 drivers. It switches from SDDM to plasma-login-manager for KDE Plasma with NVIDIA, fixing a stability issue that frustrated NVIDIA users on the previous ISO. The next major release, Triton, will add new desktop and window manager options while dropping some current ones.
AlmaLinux 10.2 Beta Ships i686 Packages That RHEL 10 Dropped
AlmaLinux published the 10.2 Beta "Lavender Lion" on May 4 across all supported architectures, including i686. RHEL 10 dropped 32-bit packages entirely. AlmaLinux 10.2-beta ships i686 userspace packages for building 32-bit software, running CI pipelines dependent on specific 32-bit glibc versions, and containerized workloads requiring a full 32-bit environment. The package set includes Python 3.14, PostgreSQL 18, MariaDB 11.8, Ruby 4.0, PHP 8.4, and SDL3. For enterprise operators on RHEL-derived distributions who still carry 32-bit workloads, AlmaLinux is now the path RHEL no longer provides.
Linux Gems
KDE Gear 26.04.1 and Frameworks 6.26 Fix 180+ Applications Without Fanfare
KDE Gear 26.04.1 shipped May 7 with fixes across 180+ applications. An Akonadi crash in EntityTreeView during multi-item selection, a KCachegrind bounds-check preventing out-of-bounds reads, and a Konsole fix for QTabBar closing tabs on middle clicks. KDE Frameworks 6.26 shipped with Baloo memory-leak fixes, file-indexing crash fixes, improved Kirigami cross-fade transitions, and reduced icon blurriness at low fractional scale factors. No one writes headlines about these, but they fix the papercuts that make KDE feel polished versus frustrating.
AMD GAIA 0.17.6 Brings Local AI Agents to Ryzen AI Hardware
AMD's open-source local AI agent framework hit 0.17.6 with OAuth PKCE for connections, an email triage agent for Gmail, custom Python agent support in the UI, and improved Ryzen AI and Radeon hardware detection. MIT-licensed. Runs on NPUs without cloud dependencies. Pairs with the Lemonade SDK 10.0 for actually making Ryzen AI NPUs useful on Linux. If you have AMD hardware and want local AI inference that stays on your machine, this is the project making that real.
PrismLinux 2026.05.05 Ships Redesigned Installer with Linux 7.0
PrismLinux, an Arch-based ultralight distribution, shipped a completely redesigned installer with GNOME 50 support, Plasma-based LiveCD with Wayland, and Linux 7.0 as default. Together with AerynOS 2026.05 (which also shipped 7.0 with GNOME 50.1), these independent distros show how quickly kernel 7.0 is spreading beyond Fedora and Ubuntu into smaller projects.
🧩 Open Source
Warp Terminal Goes Open Source Under AGPL After Years of Promises
Warp terminal, the Rust-based, AI-powered terminal used by 700,000+ developers, released its client codebase under the AGPL-3.0 license. The repository hit 37,000+ GitHub stars within days and climbed to #2 on GitHub's trending page. Warp is positioning itself as an "agentic development environment" with native support for Claude Code, Codex, and Gemini CLI. The AGPL choice is deliberate: anyone who modifies Warp and distributes it, or runs a modified build as a network service for others, must make their source available, which protects against proprietary forks, hosted ones included, while keeping the core open. The Oz orchestration platform and enterprise features remain proprietary as revenue drivers. OpenAI is the founding sponsor of the open-source repository. The underlying UI framework is expected to follow under MIT. After years of "we'll open source it eventually," the code is finally inspectable. Whether the AGPL survives contact with enterprise procurement teams who treat it like radioactive waste is the next question.
Linux Foundation Launches Package Registry Working Group as AI Consumption Hits 10 Trillion Downloads
The Linux Foundation, OpenSSF, and a founding coalition of registry operators announced the Sustaining Package Registries Working Group on May 6. Founding registries: PyPI, RubyGems, Crates.io, Maven Central, and Packagist. Package registries are projected to serve over 10 trillion downloads in 2026, roughly 1 billion per hour. PyPI alone added 130,000 new packages in 2025 and is adding nearly 900 per day in 2026. These registries run on infrastructure donations, credits, and small teams funded by grants, with operational costs reaching into the millions per year. AI-driven consumption is accelerating both legitimate traffic and malicious activity. This is the institutional admission that the "donations and volunteers" model cannot sustain the infrastructure that every company on Earth depends on.
2026 OSSRA Report: Open Source Vulnerabilities Per Codebase Double to 581
Black Duck's 2026 OSSRA report (Open Source Security and Risk Analysis, released February 25 and circulating widely in developer security circles this week) confirms that the mean number of open-source vulnerabilities per commercial codebase jumped 107% year-over-year to an average of 581, up from 280 the prior year. 87% of audited codebases contained at least one vulnerability. 78% contained high-risk vulnerabilities. License conflicts hit 68% of codebases, the largest single-year jump in the report's history. The driver: AI-generated code creating dependencies at scale without matching audit tooling. AI code generators reproduce GPL/AGPL-licensed fragments verbatim. Those fragments carry license obligations that the adopting organizations are not tracking. 85% of organizations use AI coding assistants. Only 24% perform full IP, license, security, and quality evaluations of AI-generated code.
GitHub CVE-2026-3854: A Single git push Could Execute Code on Backend Servers
CVE-2026-3854 (CVSS 8.7), discovered by Wiz Research, demonstrated how a crafted git push carrying a malicious --push-option value could execute arbitrary code on GitHub's backend servers. On github.com, exploitation enabled cross-tenant access to shared storage nodes housing millions of repositories. On GitHub Enterprise Server (GHES), it yielded full server compromise, including all hosted repositories and internal secrets. GitHub patched the issue with no evidence of pre-disclosure exploitation. The root cause: unsanitized user input in an internal protocol header with last-write-wins semantics, so a user-supplied value could override the one the server had set. This affected GitHub.com, GitHub Enterprise Cloud, and all GHES release lines (3.14 through 3.19). Self-hosted GHES deployments that delay patches carry the risk longest.
Google Summer of Code 2026 Accepts 1,141 Contributors Across 184 Organizations
Google announced 1,141 accepted contributors across 184 mentoring organizations for GSoC 2026. Notable projects include Vulkan video filters for HDR tone-mapping in VideoLAN, fast snapshot loading for QEMU, the gccrs Rust front-end enabling compilation of the Rust alloc crate, and OpenType MATH table support for LibreOffice. The coding period begins May 25. GSoC is in its 22nd year, and this pipeline represents the next generation of open source contributors entering the ecosystem with funded mentorship rather than unpaid volunteer time.
pgxbackup Completes First Week as pgBackRest Fork, No Vendor Funding Materializes
PGX's pgxbackup fork of pgBackRest completed its first full operational week. Christophe Pettus and the PGX team are committed to critical bug fixes, security patches, and PostgreSQL compatibility. One week in, not a single cloud-Postgres provider (AWS RDS, GCP Cloud SQL, Azure, Supabase, Neon, EnterpriseDB) has publicly committed funding or engineering resources. These providers collectively generate hundreds of millions in annual revenue from PostgreSQL deployments. pgBackRest is the backup tool beneath most of them. One provider's quarterly profit covers the entire maintainer's salary several times over. If funding commitments do not materialize by the end of May, the sustainability question that killed pgBackRest transfers directly to the fork.
Open Source Gems
DocuSeal Trends on GitHub as Self-Hosted DocuSign Alternative
DocuSeal hit GitHub's trending lists this week. It provides open source PDF form creation, filling, and signing for teams that cannot use SaaS due to compliance or data-residency requirements. Custom PDF form templates, automatic digital signatures, web-based signing interface. The open source e-signature space is getting competitive, with Documenso, OpenSign, and LibreSign all active, but DocuSeal's GitHub numbers this week crossed into real traction.
qBittorrent 5.2 Ships Disk Space Tracking and Reboot Automation
qBittorrent 5.2 dropped May 3 with per-category share limits, disk-space display in the status bar, reboot-on-completion automation, and a WebUI overhaul that makes remote management from a phone actually work. Under the hood: asynchronous torrent piece calculation, lossless image compression, and faster resume-queue loading. Qt 6.5 support dropped. For self-hosted operators managing downloads on headless Linux servers, the per-category limits and disk-space tracking close two gaps people have been asking about for years.
Inkscape 1.4.4 Bridges the Format Gap Before 1.5's Multipage Rewrite
Inkscape 1.4.4 shipped 20 crash fixes, 25+ bug fixes, and performance improvements for large-object-count documents. The forward-looking detail: 1.4.4 can convert the planned 1.5 multipage file format to pre-1.5 format. Versions older than 1.4.3 will not read pages created in Inkscape 1.5. If you run SVG-based design workflows on Linux, upgrade to 1.4.4 before 1.5 ships or lose bidirectional format compatibility.
🔍 Spotlight
Hyunwoo Kim (@v4bel)
Hyunwoo Kim became the most consequential figure in Linux security this week, and most people outside the kernel security community had never heard of him before May 7. Kim discovered Dirty Frag (CVE-2026-43284, CVE-2026-43500), the kernel root-escalation exploit that landed on May 7. CopyFail (CVE-2026-31431), which dominated the prior week, was discovered separately by Theori's Xint Code. Both exploits belong to the same bug class, page-cache write primitives through different kernel subsystems. What sets Kim apart is that he identified the bug class pattern in subsystems no one else had checked.
Kim reported Dirty Frag to the kernel maintainers through the proper channels, but the coordinated disclosure fell apart when a third party independently reverse-engineered the exploit on May 7, before patches were ready. Kim then published the full documentation and the proof of concept after consulting with distribution maintainers, acknowledging that the embargo was no longer viable. The responsible thing at that point was transparency, and that is what Kim provided.
Page-cache corruption through splice(2) and sendfile(2) is not a new idea. Dirty Pipe exploited it in 2022. CopyFail (found by Theori) demonstrated it again in AF_ALG. Kim systematically searched for other kernel subsystems where the same trust violation exists. ESP/IPsec. RxRPC. These are not random findings. They are the result of someone asking, "Where else does this pattern exist?" and spending the time to find out. The obvious question: which subsystem does Kim look at next?