kernel

A small, easily overlooked change in the Linux kernel’s BPF subsystem — tracked as CVE‑2024‑42068 — exposed a window where pages intended to be protected as read‑only could remain writable, creating a practical availability risk that administrators should treat seriously: unhandled failures from...

A newly disclosed kernel flaw, tracked as CVE-2025-38258, allows an attacker with local write access to a DAMON sysfs control to repeatedly leak kernel memory by overwriting a filter’s cgroup path without freeing the previous buffer — a straightforward memory‑leak bug that has been fixed...

A kernel-level fix landed this week to close a subtle eBPF map bug that could make kernel-held objects persist longer than intended: CVE-2025-68744 patches a missing cleanup in the BPF percpu hash and LRU-percpu hash update path so that special fields (notably kptr reference/per-CPU pointer...

A subtle caching bug in the OCFS2 kernel code — tracked as CVE-2025-40233 — can leave the filesystem’s extent map cache stale after extent moves or defragmentation, allowing later I/O to observe outdated extent flags and triggering a kernel BUG; maintainers fixed the issue by explicitly clearing...

The sudden appearance of a blue screen labeled Kernel Security Check Failure can turn a routine work session into an urgent troubleshooting exercise, but the stop code is usually Windows doing its job—halting the system because the kernel found corrupted or inconsistent data it cannot safely...

A small, tightly scoped kernel fix published in October 2025 removes a fragile null‑pointer dereference in the Intel gma500 DRM driver that could provoke a kernel oops during HDMI teardown on Oak Trail platforms; the correction is a simple reorder of calls in the driver’s HDMI teardown path, and...

The latest round of open-source AMD driver work and kernel/toolchain updates are materially improving Llama.cpp AI inference performance on Linux — in some cases outpacing equivalent Windows 11 setups — thanks to targeted RADV/Mesa optimizations, newer Linux kernels, and the way Vulkan-based...

For a surprising number of Windows systems, the guilty party behind intermittent stutters, dropped frames, and mysteriously sluggish behaviour isn’t a CPU pegged at 100% or a full SSD — it’s the tiny, sub-millisecond interruptions inside the kernel that LatencyMon can expose and quantify in...

A routine security update intended to tighten Windows kernel defenses has instead opened a new attack vector: a reliably exploitable information‑disclosure bug tracked as CVE‑2025‑53136 that leaks kernel addresses on Windows 11 and Windows Server 2022 24H2 builds. The vulnerability—rooted in...

Microsoft’s latest Canary-channel flight, Windows 11 Insider Preview Build 27943, is a compact but consequential maintenance update that repairs a handful of user-facing regressions — most notably a stuck Temporary files scan in Settings and an HDR toggle that would mysteriously disable itself —...

Oracle’s VirtualBox 7.2.2 arrives as a focused maintenance release that patches several painful regressions introduced with the 7.2 series—most notably virtual machines failing to start on Windows‑on‑ARM hosts, Trusted Platform Module (TPM) emulation problems for some guests, multiple GUI...

Microsoft’s advisory for CVE-2025-55224 describes a concurrency flaw in the Windows kernel graphics component (Win32K — GRFX) that can be manipulated by an authorized local actor to gain code execution or elevate privileges on an affected system; the bug is a race condition (improper...

Microsoft’s Security Response Guide lists CVE-2025-54112 as a vulnerability in the Microsoft Virtual Hard Disk (VHD/VHDX) handling code that can be abused by an authorized local attacker to achieve elevation of privilege on Windows hosts, a condition vendors and incident responders classify as...

Title: CVE‑2025‑54093 — Windows TCP/IP Driver TOCTOU Race Condition (Local Elevation of Privilege) Summary What it is: A time‑of‑check/time‑of‑use (TOCTOU) race condition in the Windows TCP/IP driver that Microsoft lists as CVE‑2025‑54093. Microsoft’s advisory describes the flaw as a TOCTOU...

Microsoft’s advisory identifies CVE-2025-53803 as a Windows Kernel memory information disclosure vulnerability: an error message generated by kernel code can contain sensitive kernel memory contents, allowing an authenticated local actor to read data that should remain protected. Background The...

Microsoft’s advisory listing for a DirectX Graphics Kernel race-condition that could permit local elevation of privilege — referenced by the CVE identifier the user provided (CVE-2025-55223) — cannot be located in Microsoft’s public Security Update Guide pages that are accessible without...

A newly reported Windows NTFS vulnerability described as a stack-based buffer overflow that “allows an authorized attacker to execute code locally” has raised immediate concern—but the specific CVE identifier you provided (CVE-2025-54916) could not be located in public vendor and vulnerability...

xAI’s decision to plant an engineering flag in Seattle this week marks a consequential expansion for Elon Musk’s fast-moving AI startup—one that arrives at the intersection of talent, cloud partnerships, and high-profile litigation that together will shape how Grok and xAI compete in the...

Microsoft has quietly opened the gates: Windows 11 version 25H2 is now available to testers in the Windows Insider Release Preview channel as a small, fast enablement package that flips features already staged in the 24H2 servicing branch — which means you can install the 2025 annual update on...

Microsoft's effort to let device-driver developers use Rust has moved from research and experiments into tangible tooling and samples, but the path to production-ready Windows drivers written in Rust remains long and cautious — working prototypes and Microsoft-backed crates exist, CodeQL now...