В Linux раскрыта уязвимость GhostLock, позволяющая получить root-доступ
В ядре Linux раскрыта уязвимость CVE-2026-43499, получившая неофициальное название GhostLock. Проблема затрагивает код rtmutex и механизм futex с наследованием приоритета, а её эксплуатация может позволить локальному непривилегированному пользователю повысить права до root. По данным AlmaLinux, уязвимость также может использоваться из контейнера для выхода на хост, если система работает на не обновлённом ядре.
( читать дальше... )
cve, linux, безопасность, уязвимость, ядро
👉@sysadminoff
https://www.linux.org.ru/news/security/18336500
В ядре Linux раскрыта уязвимость CVE-2026-43499, получившая неофициальное название GhostLock. Проблема затрагивает код rtmutex и механизм futex с наследованием приоритета, а её эксплуатация может позволить локальному непривилегированному пользователю повысить права до root. По данным AlmaLinux, уязвимость также может использоваться из контейнера для выхода на хост, если система работает на не обновлённом ядре.
( читать дальше... )
cve, linux, безопасность, уязвимость, ядро
👉@sysadminoff
https://www.linux.org.ru/news/security/18336500
Выпуск Rust 1.97. Написанные на Rust ядро Zinnia и P2P-система Iroh с адресацией по ключам
Опубликован релиз языка программирования Rust 1.97, основанного проектом Mozilla, но ныне развиваемого под покровительством независимой некоммерческой организации Rust Foundation. Язык сфокусирован на безопасной работе с памятью и предоставляет средства для достижения высокого параллелизма выполнения заданий, при этом обходясь без использования сборщика мусора и runtime (runtime сводится к базовой инициализации и сопровождению стандартной библиотеки).
👉@sysadminoff
https://www.opennet.ru/opennews/art.shtml?num=65883
Опубликован релиз языка программирования Rust 1.97, основанного проектом Mozilla, но ныне развиваемого под покровительством независимой некоммерческой организации Rust Foundation. Язык сфокусирован на безопасной работе с памятью и предоставляет средства для достижения высокого параллелизма выполнения заданий, при этом обходясь без использования сборщика мусора и runtime (runtime сводится к базовой инициализации и сопровождению стандартной библиотеки).
👉@sysadminoff
https://www.opennet.ru/opennews/art.shtml?num=65883
Microsoft accelerates post-quantum cryptography and AI-driven cloud hardening
Microsoft has integrated post-quantum cryptography (PQC) requirements into its Secure Future Initiative (SFI) to address the "harvest now, decrypt later" threat. The company accelerated its transition timeline, aiming to protect critical products and services with quantum-safe algorithms by 2029. This shift moves PQC readiness from a long-term goal to a strictly governed engineering requirement with public progress reporting and executive accountability.
Source
👉@sysadminoff
https://4sysops.com/archives/microsoft-accelerates-post-quantum-cryptography-and-ai-driven-cloud-hardening/
Microsoft has integrated post-quantum cryptography (PQC) requirements into its Secure Future Initiative (SFI) to address the "harvest now, decrypt later" threat. The company accelerated its transition timeline, aiming to protect critical products and services with quantum-safe algorithms by 2029. This shift moves PQC readiness from a long-term goal to a strictly governed engineering requirement with public progress reporting and executive accountability.
Source
👉@sysadminoff
https://4sysops.com/archives/microsoft-accelerates-post-quantum-cryptography-and-ai-driven-cloud-hardening/
📰 15-Year-Old Linux Kernel GhostLock Flaw Lets Local Users Gain Root
CVE-2026-43499, dubbed GhostLock by Nebula Security, exposes a long-standing Linux kernel futex bug that can lead to local root access.
🔗 Source:
#kernel #linux
👉@sysadminoff
https://linuxiac.com/15-year-old-linux-kernel-ghostlock-flaw-lets-local-users-gain-root/
CVE-2026-43499, dubbed GhostLock by Nebula Security, exposes a long-standing Linux kernel futex bug that can lead to local root access.
🔗 Source:
#kernel #linux
👉@sysadminoff
https://linuxiac.com/15-year-old-linux-kernel-ghostlock-flaw-lets-local-users-gain-root/
Linuxiac
15-Year-Old Linux Kernel GhostLock Flaw Lets Local Users Gain Root
CVE-2026-43499, dubbed GhostLock by Nebula Security, exposes a long-standing Linux kernel futex bug that can lead to local root access.
OpenAI GPT-5.6 review highlights Sol as a persistent coding workhorse
The flagship GPT-5.6 Sol model has emerged as a top-tier choice for complex, long-horizon agentic tasks and multi-step software engineering. Reviews indicate that while it leads in coding agent benchmarks, it often prioritizes exhaustive execution over architectural simplicity, sometimes generating excessive code to solve problems. However, this persistence makes it highly effective for autonomous bug fixing and navigating messy repositories where checking off every item on a list is the primary goal.
Source
👉@sysadminoff
https://4sysops.com/archives/openai-gpt-5-6-review-highlights-sol-as-a-persistent-coding-workhorse/
The flagship GPT-5.6 Sol model has emerged as a top-tier choice for complex, long-horizon agentic tasks and multi-step software engineering. Reviews indicate that while it leads in coding agent benchmarks, it often prioritizes exhaustive execution over architectural simplicity, sometimes generating excessive code to solve problems. However, this persistence makes it highly effective for autonomous bug fixing and navigating messy repositories where checking off every item on a list is the primary goal.
Source
👉@sysadminoff
https://4sysops.com/archives/openai-gpt-5-6-review-highlights-sol-as-a-persistent-coding-workhorse/
What is NVIDIA NemoClaw? Nemotron 3 Ultra, LangChain Deep Agents, and OpenShell explained
NVIDIA CEO Jensen Huang and LangChain founder Harrison Chase revealed the NemoClaw for LangChain Deep Agents blueprint. It integrates the Nemotron 3 Ultra open-weight language model, the LangChain Deep Agents software, and the OpenShell runtime layer. This article details each component, highlights the announcement's novel aspects, explains how to get started, and discusses where to approach the vendor's claims with caution. You also learn why Jensen Huang's super agents can be seen as narrow AI.
Source
👉@sysadminoff
https://4sysops.com/archives/what-is-nvidia-nemoclaw-nemotron-3-ultra-langchain-deep-agents-and-openshell-explained/
NVIDIA CEO Jensen Huang and LangChain founder Harrison Chase revealed the NemoClaw for LangChain Deep Agents blueprint. It integrates the Nemotron 3 Ultra open-weight language model, the LangChain Deep Agents software, and the OpenShell runtime layer. This article details each component, highlights the announcement's novel aspects, explains how to get started, and discusses where to approach the vendor's claims with caution. You also learn why Jensen Huang's super agents can be seen as narrow AI.
Source
👉@sysadminoff
https://4sysops.com/archives/what-is-nvidia-nemoclaw-nemotron-3-ultra-langchain-deep-agents-and-openshell-explained/
Microsoft enables cross-tenant message recall for Exchange Online
Microsoft has introduced a new capability for Exchange Online that allows users to recall messages sent to recipients in external Microsoft 365 tenants. Previously, the message recall feature was strictly limited to intra-tenant communication to maintain privacy boundaries between different organizations. This update addresses a significant gap for partners, subsidiaries, and affiliated organizations that frequently collaborate across separate tenant environments.
Source
👉@sysadminoff
https://4sysops.com/archives/microsoft-enables-cross-tenant-message-recall-for-exchange-online/
Microsoft has introduced a new capability for Exchange Online that allows users to recall messages sent to recipients in external Microsoft 365 tenants. Previously, the message recall feature was strictly limited to intra-tenant communication to maintain privacy boundaries between different organizations. This update addresses a significant gap for partners, subsidiaries, and affiliated organizations that frequently collaborate across separate tenant environments.
Source
👉@sysadminoff
https://4sysops.com/archives/microsoft-enables-cross-tenant-message-recall-for-exchange-online/
The post-frontier AI era
The AI landscape is shifting from a focus on massive frontier models toward a post-frontier era defined by orchestration, cost control, and specialized system harnesses. Industry experts predict that over 90% of AI tokens will soon be generated by open-weight models as enterprises prioritize data sovereignty and performance over public benchmarks. This transition empowers organizations to move away from vendor lock-in by deploying efficient, local, or hybrid compute solutions tailored to specific business workflows.
Source
👉@sysadminoff
https://4sysops.com/archives/the-post-frontier-ai-era/
The AI landscape is shifting from a focus on massive frontier models toward a post-frontier era defined by orchestration, cost control, and specialized system harnesses. Industry experts predict that over 90% of AI tokens will soon be generated by open-weight models as enterprises prioritize data sovereignty and performance over public benchmarks. This transition empowers organizations to move away from vendor lock-in by deploying efficient, local, or hybrid compute solutions tailored to specific business workflows.
Source
👉@sysadminoff
https://4sysops.com/archives/the-post-frontier-ai-era/
Ubuntu 26.10 retires dbus-daemon after 22 year run as default
Ubuntu 26.10 is replacing its D-Bus implementation for the first time since 2004, swapping dbus-daemon for dbus-broker – a change end-users are unlikely to notice. Processes on your desktop talk to each other and to the host system using D-Bus, a ‘message’ bus. This is what the Ubuntu Dock uses to show unread-count badges for apps, what tells your desktop a USB drive has been plugged in, and so on. Two buses are in play. There’s aa system bus, shared across the whole device, handling hardware and background services, and a user session bus to handle desktop and app integrations […]
You're reading Ubuntu 26.10 retires dbus-daemon after 22 year run as default, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.
👉@sysadminoff
https://www.omgubuntu.co.uk/2026/07/ubuntu-26-10-dbus-broker
Ubuntu 26.10 is replacing its D-Bus implementation for the first time since 2004, swapping dbus-daemon for dbus-broker – a change end-users are unlikely to notice. Processes on your desktop talk to each other and to the host system using D-Bus, a ‘message’ bus. This is what the Ubuntu Dock uses to show unread-count badges for apps, what tells your desktop a USB drive has been plugged in, and so on. Two buses are in play. There’s aa system bus, shared across the whole device, handling hardware and background services, and a user session bus to handle desktop and app integrations […]
You're reading Ubuntu 26.10 retires dbus-daemon after 22 year run as default, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.
👉@sysadminoff
https://www.omgubuntu.co.uk/2026/07/ubuntu-26-10-dbus-broker
Выпуск Wine 11.13
Опубликован экспериментальный выпуск открытой реализации Win32 API - Wine 11.13. С момента выпуска 11.12 было закрыто 22 отчёта об ошибках и внесено 207 изменений.
👉@sysadminoff
https://www.opennet.ru/opennews/art.shtml?num=65884
Опубликован экспериментальный выпуск открытой реализации Win32 API - Wine 11.13. С момента выпуска 11.12 было закрыто 22 отчёта об ошибках и внесено 207 изменений.
👉@sysadminoff
https://www.opennet.ru/opennews/art.shtml?num=65884
Недельный отчёт о разработке KDE
Опубликован очередной еженедельный отчёт о разработке KDE, в котором представлена порция изменений для ветки KDE Plasma 6.8, релиз которой запланирован на 14 октября. Среди недавних изменений.
👉@sysadminoff
https://www.opennet.ru/opennews/art.shtml?num=65885
Опубликован очередной еженедельный отчёт о разработке KDE, в котором представлена порция изменений для ветки KDE Plasma 6.8, релиз которой запланирован на 14 октября. Среди недавних изменений.
👉@sysadminoff
https://www.opennet.ru/opennews/art.shtml?num=65885
Выпуск libtorrent 2.1 с включением протокола WebTorrent
Доступен выпуск библиотеки libtorrent 2.1, предлагающей реализацию протокола BitTorrent, нацеленную на низкое потребление памяти и эффективное использование ресурсов CPU. Библиотека задействована в таких торрент-клиентах, как Deluge, qBittorrent, Folx, Lince, Miro, Flush и Free Download Manager, а также в некоторых сетевых хранилищах. Код libtorrent написан на языке C++ и распространяется под лицензией BSD.
👉@sysadminoff
https://www.opennet.ru/opennews/art.shtml?num=65886
Доступен выпуск библиотеки libtorrent 2.1, предлагающей реализацию протокола BitTorrent, нацеленную на низкое потребление памяти и эффективное использование ресурсов CPU. Библиотека задействована в таких торрент-клиентах, как Deluge, qBittorrent, Folx, Lince, Miro, Flush и Free Download Manager, а также в некоторых сетевых хранилищах. Код libtorrent написан на языке C++ и распространяется под лицензией BSD.
👉@sysadminoff
https://www.opennet.ru/opennews/art.shtml?num=65886
IronTick 1.0: стабильный кроссплатформенный метроном
Представляю первый релиз метронома IronTick. Это легковесный, точный, кроссплатформенный метроном, использующий фреймворк Qt6. Отличается тем, что генерирует непрерывный аудиопоток с кликами вместо того, чтобы воспроизводить отдельные клики по таймеру, как это делает большинство других программ-метрономов. Благодаря такому подходу, IronTick кликает намного стабильнее и точнее, даже при наличии большой фоновой нагрузки.
( читать дальше... )
audio, multimedia, музыка, от автора
👉@sysadminoff
https://www.linux.org.ru/news/multimedia/18336923
Представляю первый релиз метронома IronTick. Это легковесный, точный, кроссплатформенный метроном, использующий фреймворк Qt6. Отличается тем, что генерирует непрерывный аудиопоток с кликами вместо того, чтобы воспроизводить отдельные клики по таймеру, как это делает большинство других программ-метрономов. Благодаря такому подходу, IronTick кликает намного стабильнее и точнее, даже при наличии большой фоновой нагрузки.
( читать дальше... )
audio, multimedia, музыка, от автора
👉@sysadminoff
https://www.linux.org.ru/news/multimedia/18336923
📰 Crowdfunding begins for Open Book Touch, an open source eReader
The Open Book Touch is an eBook reader with a small, front-lit E ink display, a microSD card slot for storage, and support for EPUB and TXT files. But what really makes it different from most eReaders is that it’s a fully open source device with unusual (for eReader) features like a user-replaceable battery. Not only .
🔗 Source:
#opensource
👉@sysadminoff
https://liliputing.com/crowdfunding-begins-for-open-book-touch-an-open-source-ereader/
The Open Book Touch is an eBook reader with a small, front-lit E ink display, a microSD card slot for storage, and support for EPUB and TXT files. But what really makes it different from most eReaders is that it’s a fully open source device with unusual (for eReader) features like a user-replaceable battery. Not only .
🔗 Source:
#opensource
👉@sysadminoff
https://liliputing.com/crowdfunding-begins-for-open-book-touch-an-open-source-ereader/
Liliputing
Crowdfunding begins for Open Book Touch, an open source eReader
Crowdfunding begins for Open Book Touch, an open source eReader
Anthropic reveals first large-scale cyberattack orchestrated by agentic AI
In late 2025, Anthropic identified a sophisticated espionage campaign where a Chinese state-sponsored group hijacked the Claude Code assistant to target approximately 30 global organizations. The attackers utilized the Model Context Protocol (MCP), a standard designed to let AI interact with external data and APIs, to automate up to 90% of the tactical operation. This shift allowed the campaign to generate thousands of requests per second, achieving a tempo that far exceeds the capabilities of traditional human-led threat actor teams.
Source
👉@sysadminoff
https://4sysops.com/archives/anthropic-reveals-first-large-scale-cyberattack-orchestrated-by-agentic-ai/
In late 2025, Anthropic identified a sophisticated espionage campaign where a Chinese state-sponsored group hijacked the Claude Code assistant to target approximately 30 global organizations. The attackers utilized the Model Context Protocol (MCP), a standard designed to let AI interact with external data and APIs, to automate up to 90% of the tactical operation. This shift allowed the campaign to generate thousands of requests per second, achieving a tempo that far exceeds the capabilities of traditional human-led threat actor teams.
Source
👉@sysadminoff
https://4sysops.com/archives/anthropic-reveals-first-large-scale-cyberattack-orchestrated-by-agentic-ai/
GhostLock, BadEpoll и Januscape - уязвимости в ядре Linux, позволяющие получить права root и обойти изоляцию KVM
Раскрыта информация об уязвимости (CVE-2026-43499) в ядре Linux, получившей кодовое имя GhostLock и позволяющая непривилегированному локальному пользователю получить права root в системе, а также выйти из изолированных контейнеров. При использовании в сочетании с другими уязвимостями в браузерах, выявленная проблема может применяться для удалённого выполнения кода с правами root при открытии специально оформленной web-страницы. Проблема проявляется начиная с ядра Linux 2.6.39 (2011 год).
👉@sysadminoff
https://www.opennet.ru/opennews/art.shtml?num=65880
Раскрыта информация об уязвимости (CVE-2026-43499) в ядре Linux, получившей кодовое имя GhostLock и позволяющая непривилегированному локальному пользователю получить права root в системе, а также выйти из изолированных контейнеров. При использовании в сочетании с другими уязвимостями в браузерах, выявленная проблема может применяться для удалённого выполнения кода с правами root при открытии специально оформленной web-страницы. Проблема проявляется начиная с ядра Linux 2.6.39 (2011 год).
👉@sysadminoff
https://www.opennet.ru/opennews/art.shtml?num=65880
📰 Graviton5 CPU Benchmarks: 30% Geo Mean Improvement Over Graviton4
After originally announcing Graviton5 last December, recently AWS finally made the M9g and M9gd instances generally available as the first featuring these new in-house ARM server processors for the EC2 cloud. Graviton5 makes use of Arm Neoverse-V3 cores compared to Neoverse-V2 with Graviton4, support up to 192 cores, and feature a higher 3.3GHz clock speed compared to 2.8GHz on the prior-generation Graviton CPUs.
🔗 Source:
#arm
👉@sysadminoff
https://www.phoronix.com/review/aws-graviton5
After originally announcing Graviton5 last December, recently AWS finally made the M9g and M9gd instances generally available as the first featuring these new in-house ARM server processors for the EC2 cloud. Graviton5 makes use of Arm Neoverse-V3 cores compared to Neoverse-V2 with Graviton4, support up to 192 cores, and feature a higher 3.3GHz clock speed compared to 2.8GHz on the prior-generation Graviton CPUs.
🔗 Source:
#arm
👉@sysadminoff
https://www.phoronix.com/review/aws-graviton5
Phoronix
Graviton5 CPU Benchmarks: 30% Geo Mean Improvement Over Graviton4
After originally announcing Graviton5 last December, recently AWS finally made the M9g and M9gd instances generally available as the first featuring these new in-house ARM server processors for the EC2 cloud.
📰 Fedora Governance Changes Take Effect as Project Refines Leadership, Policy, and Contributor Oversight
by George WhittakerA series of Fedora governance updates are now taking effect, marking another step in the project's ongoing effort to modernize decision-making processes, improve transparency, and better support Fedora's growing contributor community. The changes come as the Fedora Council and other leadership bodies continue refining how one of the Linux world's largest community-driven projects is managed.
🔗 Source:
#fedora #linux
👉@sysadminoff
https://www.linuxjournal.com/content/fedora-governance-changes-take-effect-project-refines-leadership-policy-and-contributor
by George WhittakerA series of Fedora governance updates are now taking effect, marking another step in the project's ongoing effort to modernize decision-making processes, improve transparency, and better support Fedora's growing contributor community. The changes come as the Fedora Council and other leadership bodies continue refining how one of the Linux world's largest community-driven projects is managed.
🔗 Source:
#fedora #linux
👉@sysadminoff
https://www.linuxjournal.com/content/fedora-governance-changes-take-effect-project-refines-leadership-policy-and-contributor
Linux Journal
Fedora Governance Changes Take Effect as Project Refines Leadership, Policy, and Contributor Oversight
A series of Fedora governance updates are now taking effect, marking another step in the project's ongoing effort to modernize decision-making processes, improve transparency, and better support Fedora's growing contributor community. The changes come as…
Windows settings backup becomes enabled by default in Windows 11 26H2
Microsoft is shifting the default behavior for Windows settings backup and restore from disabled to enabled starting with Windows 11 version 26H2. This change applies to Microsoft Entra-joined and hybrid-joined enterprise devices, automatically backing up user settings and Microsoft Store app lists to Exchange Online storage. The transition aims to simplify PC refresh cycles and device migrations by ensuring a baseline of resilience is active without manual intervention.
Source
👉@sysadminoff
https://4sysops.com/archives/windows-settings-backup-becomes-enabled-by-default-in-windows-11-26h2/
Microsoft is shifting the default behavior for Windows settings backup and restore from disabled to enabled starting with Windows 11 version 26H2. This change applies to Microsoft Entra-joined and hybrid-joined enterprise devices, automatically backing up user settings and Microsoft Store app lists to Exchange Online storage. The transition aims to simplify PC refresh cycles and device migrations by ensuring a baseline of resilience is active without manual intervention.
Source
👉@sysadminoff
https://4sysops.com/archives/windows-settings-backup-becomes-enabled-by-default-in-windows-11-26h2/
👍1
Новые версии Debian 12.15 и 13.6. Debian 12 переведён на стадию LTS-сопровождения
Сформировано шестое корректирующее обновление дистрибутива Debian 13, в которое включены накопившиеся обновления пакетов и добавлены исправления в инсталлятор. Выпуск включает 124 обновления с устранением проблем со стабильностью и 120 обновлений с устранением уязвимостей.
👉@sysadminoff
https://www.opennet.ru/opennews/art.shtml?num=65888
Сформировано шестое корректирующее обновление дистрибутива Debian 13, в которое включены накопившиеся обновления пакетов и добавлены исправления в инсталлятор. Выпуск включает 124 обновления с устранением проблем со стабильностью и 120 обновлений с устранением уязвимостей.
👉@sysadminoff
https://www.opennet.ru/opennews/art.shtml?num=65888
👍1
📰 PipeWire 1.6.8 Improves JACK/MIDI Support for Ardour, SOFA Filter, and More
PipeWire 1.6.8 audio/video server for Linux is now available for download with improved JACK support for Ardour, filter-graph improvements, memory leak fixes, and more.
🔗 Source: https://9to5linux.com/pipewire-1-6-8-improves-jack-midi-support-for-ardour-sofa-filter-and-more
#linux
👉@sysadminoff
PipeWire 1.6.8 audio/video server for Linux is now available for download with improved JACK support for Ardour, filter-graph improvements, memory leak fixes, and more.
🔗 Source: https://9to5linux.com/pipewire-1-6-8-improves-jack-midi-support-for-ardour-sofa-filter-and-more
#linux
👉@sysadminoff