may 11, 2026
4 links from the engineering internet.
linux 7.0.6 and 6.18.29 lts released to fix dirty frag vulnerability
greg kroah-hartman released both stable kernels on may 11, patching cve-2026-43500 (dirty frag), a use-after-free in the rxrpc subsystem discovered by hyunwoo kim; both releases are drop-in upgrades for anyone tracking stable.
linux kernel maintainers formally pitch runtime killswitch for vulnerable subsystems
sasha levin posted an rfc proposing a kernel mechanism to disable affected subsystems at runtime without a reboot, prompted by the back-to-back copy fail and dirty frag disclosures; the proposal targets operators who cannot patch immediately.
vercel sandbox firewall adds outbound request proxying and matcher filtering
sandboxed deployments can now route outbound traffic through a developer-controlled proxy server with oidc token auth; path and method matchers let teams block or transform specific requests, available in beta for pro and enterprise plans.
opencode v1.14.48 preserves original image attachments for model sends
patch release for the open-source ai coding agent fixes image handling to send original files instead of resizing them before passing to the model, preventing quality loss on high-resolution screenshots and diagrams.