RepoJournal
Linux

Linux

The kernel, distros, and the rigs of the moment

Pick a date

The Wire · Showcase

V7.2-RC2 TIGHTENS SECURITY SCREWS ACROSS VFIO, BPF, AND NETWORKING

By RepoJournal · Filed · About Linux

Linux 7.2-rc2 lands critical fixes for race conditions in device passthrough, hardened BPF JIT protection against code injection, and a critical use-after-free in the network stack.

The VFIO subsystem [1] closes dangerous bitfield race conditions in both the core vfio-pci driver and the mlx5 variant that could corrupt device state under concurrent access. This is a hard stop before shipping any virtualization workloads on 7.2. Meanwhile, the BPF fixes [2] address a serious security gap: the verifier now masks pseudo pointer values in logs to prevent information leaks, and JIT hardening blocks instruction pointer spraying attacks that could bypass code placement randomization. The networking patch [3] restores critical RCU grace periods in TCP AO socket destruction and patches a use-after-free on shutdown that hits real deployments. Hardware monitoring [4] gets defensive: divide-by-zero guards in fan RPM calculations, coefficient overflow detection in power supply monitors, and buffer safety checks across aspeed and asus drivers prevent panics from malformed sensor data. These are polishing merges, not show-stoppers, but the VFIO race condition is worth a rebuild.

Action items

References

  1. [1] Merge tag 'vfio-v7.2-rc2' of https://github.com/awilliam/linux-vfio torvalds/linux
  2. [2] Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf torvalds/linux
  3. [3] Merge tag 'net-7.2-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net torvalds/linux
  4. [4] Merge tag 'hwmon-for-v7.2-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging torvalds/linux

FAQ

What changed in Linux on July 3, 2026?
Linux 7.2-rc2 lands critical fixes for race conditions in device passthrough, hardened BPF JIT protection against code injection, and a critical use-after-free in the network stack.
What should Linux teams do about it?
Rebuild and test with 7.2-rc2 if running VFIO or nested virtualization • Monitor for rc3 if you depend on TCP AO or netpoll in production • Verify hardware monitoring sensor readings after upgrade
Which Linux repositories shipped on July 3, 2026?
torvalds/linux

Related across the cluster

For your repos

The showcase is a teaser.
Your wire is the product.

Same engine. Different stack. Below: what changes when the wire is yours.

Showcase wire

  • 14 famous open source orgs
  • One wire per day
  • Public, generic
  • Read on the web, when you remember

Your wire

  • Up to 1,500 of your repos - orgs, deps, vendors
  • Morning and evening briefs
  • Action items routed to your team
  • Slack delivery, email, breaking-news CVE alerts

Want a hands-on demo first? Ask a current user for an invite link.