InfoQ Homepage Linux Content on InfoQ
-
Copy Fail and Dirty Frag: Linux Page-Cache Exploits Target Every Major Distribution
Two recent Linux kernel vulnerabilities have been disclosed: Copy Fail (CVE-2026-31431) on April 29, 2026, and Dirty Frag (CVE-2026-43284 and CVE-2026-43500) on May 7, 2026. Both allow local users to gain root access, affecting multiple Linux distributions. These vulnerabilities exploit flaws in the page cache via different subsystems, necessitating immediate patching by affected organizations.
-
Cloudflare Sandboxes Reach General Availability, Giving AI Agents Persistent Isolated Environments
Cloudflare has released Sandboxes and Containers into general availability, providing persistent isolated Linux environments for AI agent workloads. New capabilities include secure credential injection via egress proxy, PTY terminal support, persistent code interpreters, filesystem watching, and snapshot-based session recovery. Active CPU pricing charges only for used cycles.
-
Claude Code Used to Find Remotely Exploitable Linux Kernel Vulnerability Hidden for 23 Years
Anthropic researcher Nicholas Carlini used Claude Code to find a remotely exploitable heap buffer overflow in the Linux kernel's NFS driver, undiscovered for 23 years. Five kernel vulnerabilities have been confirmed so far. Linux kernel maintainers report that AI bug reports have recently shifted from slop to legitimate findings, with security lists now receiving 5-10 valid reports daily.
-
TigerFS Mounts PostgreSQL Databases as a Filesystem for Developers and AI Agents
TigerFS is a new experimental filesystem that mounts a database as a directory and stores files directly in PostgreSQL. The open source project exposes database data through a standard filesystem interface, allowing developers and AI agents to interact with it using common Unix tools such as ls, cat, find, and grep, rather than via APIs or SDKs.
-
OpenCost Looks Back on 2025 Milestones and Charts a Roadmap for 2026
The OpenCost project, an open-source cost and resource management tool hosted by the Cloud Native Computing Foundation (CNCF), has published a year-in-review reflecting on its progress in 2025 and outlining priorities for 2026.
-
Talos Linux: Bringing Immutability and Security to Kubernetes Operations
Sidero Labs has been developing Talos Linux, an immutable operating system purpose-built exclusively for running Kubernetes, alongside Omni, a cluster lifecycle management platform. InfoQ met the Sidero team in Amsterdam during the TalosCon 2025 and had conversations about their approach to simplifying Kubernetes operations through minimalism and security-first design.
-
Linux Security Tools Bypassed by io_uring Rootkit Technique, ARMO Research Reveals
Security researchers at ARMO have uncovered a significant vulnerability in Linux runtime security tools that stems from the io_uring interface, an asynchronous I/O mechanism that can completely bypass traditional system call monitoring. The research demonstrates how attackers can exploit this blind spot to operate undetected by most existing security solutions.
-
Red Hat Boosts AI across the Hybrid Cloud with Red Hat AI
Red Hat has recently announced enhancements to its Red Hat AI portfolio, aiming to accelerate the development and deployment of artificial intelligence (AI) solutions across hybrid cloud environments. This initiative focuses on integrating AI into enterprise operations, offering tools that support both predictive and generative AI models.
-
The Linux Kernel to Support Real-Time Scheduling out-of-the-Box
Linux 6.12 will officially include support for real-time processing in its mainline thanks to a PR that enables PREEMPT_RT on all supported architectures. While aimed at applications requiring deterministic time guarantees, like avionics, robotics, automotive, and communications, it could bring improvements to user experience on the desktop, too.
-
Swift 6 Officially Available
The Swift team has officially announced the availability of Swift 6, a new major version of Apple open-source language with focus on low-level and embedded programming, concurrent code safety, new cross-platforms APIs, and extended Linux and Windows support.
-
Swift Testing is a New Framework from Apple to Modernize Testing for Swift across Platforms
While XCTest remains the preferred way to create tests in Xcode, the new Swift Testing framework attempts to introduce an expressive and intuitive API for the definition of tests that applies to all platforms where Swift is supported. The framework also enables parallelizing, categorizing and associating tests with bugs.
-
Vapor 5 Materializes the Future of Server-Side Development in Swift
Over four years since the launch of its current version, the team behind Swift server-side development framework Vapor is making room for Vapor 5, which aims at leveraging Swift 6 concurrency capabilities and laying the foundations for the framework's future evolution. An initial alpha release is planned to be ready when Swift 6 is officially released.
-
Oracle Linux's UEK-Next Enables Developers to Explore and Validate the Latest Linux Development
Oracle Linux has recently launched UEK-next, an offering that combines upstream Linux kernels with Oracle Linux patches. This allows users to preview and test the latest Linux features and hardware support before they are officially released in Oracle Linux.
-
.NET 8+ on Ubuntu 24.04: Official Release with Collaborative Support
Ubuntu 24.04 has launched with a .NET release available from day one in the official Ubuntu feeds, making it immediately usable. Container images for .NET 8+ are available, including noble, noble-chiseled, and noble-chiseled-extra flavors. Additionally, .NET 6 and 7 are accessible through the dotnet/backports repository.
-
How to Scale Agile Software Development with Technology and Lean
Agile software development can be done at scale with the use of technology like self-service APIs, infrastructure provisioning, real-time collaboration software, and distributed versioning systems. Lean can complement and scale an agile culture with techniques like obeyas, systematic problem-solving, one-piece-flow and takt time, and kaizen.