The Wire · Showcase
V7.2-RC2 TIGHTENS SECURITY SCREWS ACROSS VFIO, BPF, AND NETWORKING
By RepoJournal · Filed · About Linux
Linux 7.2-rc2 lands critical fixes for race conditions in device passthrough, hardened BPF JIT protection against code injection, and a critical use-after-free in the network stack.
The VFIO subsystem [1] closes dangerous bitfield race conditions in both the core vfio-pci driver and the mlx5 variant that could corrupt device state under concurrent access. This is a hard stop before shipping any virtualization workloads on 7.2. Meanwhile, the BPF fixes [2] address a serious security gap: the verifier now masks pseudo pointer values in logs to prevent information leaks, and JIT hardening blocks instruction pointer spraying attacks that could bypass code placement randomization. The networking patch [3] restores critical RCU grace periods in TCP AO socket destruction and patches a use-after-free on shutdown that hits real deployments. Hardware monitoring [4] gets defensive: divide-by-zero guards in fan RPM calculations, coefficient overflow detection in power supply monitors, and buffer safety checks across aspeed and asus drivers prevent panics from malformed sensor data. These are polishing merges, not show-stoppers, but the VFIO race condition is worth a rebuild.
Action items
- → Rebuild and test with 7.2-rc2 if running VFIO or nested virtualization torvalds/linux [plan]
- → Monitor for rc3 if you depend on TCP AO or netpoll in production torvalds/linux [monitor]
- → Verify hardware monitoring sensor readings after upgrade torvalds/linux [plan]
References
- [1] Merge tag 'vfio-v7.2-rc2' of https://github.com/awilliam/linux-vfio torvalds/linux
- [2] Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf torvalds/linux
- [3] Merge tag 'net-7.2-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net torvalds/linux
- [4] Merge tag 'hwmon-for-v7.2-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging torvalds/linux
FAQ
- What changed in Linux on July 3, 2026?
- Linux 7.2-rc2 lands critical fixes for race conditions in device passthrough, hardened BPF JIT protection against code injection, and a critical use-after-free in the network stack.
- What should Linux teams do about it?
- Rebuild and test with 7.2-rc2 if running VFIO or nested virtualization • Monitor for rc3 if you depend on TCP AO or netpoll in production • Verify hardware monitoring sensor readings after upgrade
- Which Linux repositories shipped on July 3, 2026?
- torvalds/linux