Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.

Support Linux Action News

Links:

• A new privilege escalation vulnerability in the Linux kernel — The vulnerability consists of a stack buffer overflow due to an integer underflow vulnerability inside the nft_payload_copy_vlan function, which is invoked with nft_payload expressions as long as a VLAN tag is present in the current skb.
• netfilter: nft_payload: add C-VLAN support · torvalds/linux@f6ae9f1
• CVE-2023-0179
• CVE-2023-0179- Red Hat Customer Portal
• [net,3/3] netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits - Patchwork
• oss-sec: Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup
• libvirt 9.0 Released For Latest Linux Virtualization API — Libvirt 9.0 adds support for external snapshot deletion with QEMU using its existing API, libvirt 9.0 with QEMU now supports PASST as "Plug A Simple Socket Transport" for connecting an emulated network device to the host's network, QEMU external back-end support for SWTPM as a software Trusted Platform Module (TPM), support for passing file descriptors rather than passing files for the QEMU disk, and other additions.
• JFS Filesystem’s Days are Numbered — IBM developed the JFS file-system originally in the 90's for AIX and the second-generation implementation then ported to Linux after it was made open-source.
• Firefox 109.0 Ships Manifest Version 3 — Manifest Version 3 (MV3) extension support is now enabled by default (MV2 remains enabled/supported). This major update also ushers an exciting user interface change in the form of the new extensions button.
• Here’s what’s going on in the world of extensions
• Manage your extensions using the extensions button in the toolbar
• Manifest v3 signing available November 21 on Firefox Nightly
• Google delays start of Manifest V2 Chrome extension deprecation — The original plan called for Chrome Beta, Dev, and Canary builds to start experiments that turned off Manifest V2 extension support. Additionally, Manifest V3 would be required to get the “Featured” badge in the Chrome Web Store. 
• Firefox 109 Adds New Extensions Button, Manifest V3 Support — The biggest new feature is the new Unified Extensions button in the toolbar.
• Chrome’s “Manifest V3” plan to limit ad-blocking extensions is delayed
• Chrome Users Beware: Manifest V3 is Deceitful and Threatening — Manifest V3, or Mv3 for short, is outright harmful to privacy efforts. It will restrict the capabilities of web extensions

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Ubuntu gets a new rolling-release remix — The new flavor is the brainchild of MrBeeBenson, building on work by Martin Wimpress, who is the project leader of the Ubuntu MATE remix.
• AMD Recruiting More Linux Engineers For Debug, CXL Enablement & More — Notable with their latest batch of Linux openings is hiring a CXL engineer. This role will focus on AMD's support for Compute Express Link (CXL) hardware enablement under Linux.
• WirePlumber 0.4.9 Fixes Surround Sound For Some Linux Games — It was reported that some games within Steam were not able to enjoy 5.1 surround sound with PipeWire in a year-old bug report. A fix landed in WirePlumber a month ago to relax the format parsing within the si-audio-adapter module and this appears to fix up that issue
• New Linux kernel patch speeds up server shutdowns — The problem is caused by the relatively long time it takes to properly shut down an NVMe drive: apparently, as much as four-and-a-half seconds.
• Linux 5.18 Hardens The Kernel For 64-bit Arm With Shadow Call Stack Support — With the Linux 5.18 hardening updates there is support added for ARM64 (AArch64) Shadow Call Stack support when building the Linux kernel with GCC 12 and newer.
• Linux 5.18 Power Management Brings Improvements For Both Intel & AMD — Intel's P-State driver will now use the default default Energy Performance Preference (EPP) exposed by the firmware, and over on the AMD CPU side, the CPUPower utility that lives within the kernel source tree now supports running in conjunction with the AMD P-State driver.
• Linux 5.18 Moves Ahead With Deprecating ReiserFS — The plan is to treat it as deprecated and formally remove it from the mainline Linux kernel in 2025.
• XFS Online Repair Functionality To Undergo A Massive Design Review — XFS online repair has been talked about for years along with online scrubbing and it looks like it's about all buttoned up. Darrick Wong will be spending the next roughly two months focusing on the "massive" design review for XFS online repair code.
• Problems emerge for a unified /dev/*random — A bunch of changes for the kernel random-number generator (RNG) were merged by Linus Torvalds on March 21. Unfortunately a user-space regression surfaced that led Torvalds to say that he would revert the patch. The idea was good, but it "causes problems for various platforms that can't do jitter entropy and have nothing else happening either".

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Valve expect to make ‘hundreds of thousands’ of Steam Decks next month — The good news is though, production is quickly ramping up. Yang mentioned how "in production terms it'll ramp very quickly, in the first month very quickly we'll be in the tens of thousands, by the second month we'll be in the hundreds of thousands and beyond that it'll grow even quicker".
• Steam Deck gets an OS update to help solve stick drift
• Bungie rejects Steam Deck’s Linux, threatens to ban Destiny 2 players there
• Collabora talk briefly about their work with Valve on SteamOS, Steam Deck — With its new “A/B” design, there are now two operating system partitions, with two different versions of SteamOS. When upgrading, a new operating system image is written to whichever partition is not currently in use, before rebooting the system. A specialized bootloader module then automatically selects the newer operating system and boots into it.
• Portable Linux gaming with the Steam Deck
• Linux kernel edges closer to dropping ReiserFS — The problem was that ReiserFS code in the kernel used some API calls that nothing else did, preventing them from being changed or enhanced. For now, one of the other ReiserFS developers has contributed a patch that removes the issue.
• CentOS New “AutoSD” Distribution Announced For In-Vehicle Linux Distro — CentOS Automotive Stream Distribution is their binary distribution that will serve as a public, in-development preview of Red Hat's upcoming in-vehicle operating system. CentOS formed their Automotive SIG last year with Red Hat working on a RHEL-based in-vehicle Linux platform that is yet to be publicly released.
• Future Intel Systems To Reportedly Be Even Less Friendly For Open-Source Firmware
• Zaolin on Twitter — For everyone wondering what’s @IntelSoftware planning for the Firmware Support Package 3.0 #fsp and USF is basically going fully closed-source on the firmware side. This means Intel’s #fsp decides to drop #OSF open-source firmware. It’s really a shame…
• Why RISC-V Is Succeeding
• Intel’s software-defined silicon set to debut in Linux 5.18 — The existence of software-defined silicon (SDSI) emerged in October 2021 when Intel staffers posted to the Linux Kernel mailing list with hints about new functionality that would allow users to purchase licenses that turned on capabilities physically present in processors, but which are not available to use out of the box.