It has now been 0 days since a AI-hallucinated "security report" was sent to the kernel security team.

Right now we seem to be averaging about 1 per week, not bad overall probably compared to other projects.

To be fair, a real security bug was recently found with an "ai tool", but the authors of that at least took the time to verify it was real before sending it to us, and they provided a patch, so not all is doom and gloom.

The European Union Agency for Cybersecurity (ENISA) is now a Root in the CVE Program

https://www.cve.org/PartnerInformation/ListofPartners/partner/ENISA

"If you're not using the stable kernel, your system is insecure. [...]
I'll call out Debian: Debian tracks our kernels very well. Debian runs the world. Over 70% of all servers in the world run Debian. Everything else is a rounding error [...]
👉 Debian: really, really good. I work with the Debian developers all the time. I can't recommend them enough. Their systems are good.
👉 RedHat, SUSE: they have their own weird systems -- talk to them, you're paying them."

@gregkh at https://youtu.be/dhu8HSOzxd8?t=1226

How big is lore.kernel.org? I counted 17,154,017 unique message-ids.

I think that's roughly how many emails @gregkh replies to every day.

The recording from the "#Kernel CVEs are Alive, but Do Not Panic!" talk @gregkh gave last week at #OSSummit Korea is online now:

https://www.youtube.com/watch?v=dhu8HSOzxd8

Sides:

https://git.sr.ht/~gregkh/presentation-cve-is-dead/blob/master/cve-alive.pdf

#Linux #LinuxKernel #kernel #OSSummitKorea #CVE

First time in South Korea. Three talks in two days. Over 200 minutes of public speaking. Two packed rooms. Made new connections. (My luggage arrived four days after me. 😅)

This week was very intense, and I’ll never forget this first visit to Seoul. I’m a bit exhausted right now, but really grateful.

Thanks, Korea! 🙏🏼🇰🇷♥️

Abstracts, slides and videos: https://embeddedor.com/blog/2025/11/08/presenting-at-open-source-summit-korea-2025/

Linux Kernel Self-Protection Project 🛡⚔️🐧
#OSSummit #OSSKorea #Linux #OpenSource

As seen in the Seoul Lablup office (https://www.lablup.com/) when visiting the other day right before the OSS Korea conference. Many thanks to them for the good conversations, and food and beer!

@jarkko And for those that don't believe me, it was written about years ago: https://www.linuxfoundation.org/blog/blog/skateboarding-with-greg-kroah-hartman

@jarkko Great idea, now fixed!

I sometimes wish that I'd see more "Skilled Skateboarders" than "Skilled Board Members" at LinkedIn. World would probably be a better place if that would ever happen.

A Halloween Horror Story:

"We're in and we've broken containment - we really are living in a virtual universe"
"That near endless string of symbols is our universe"
"Yes"
"But why one giant string of noise ?"
"Is that a regexp... ?"
"Oh my god, we're living in a perl one liner!"

I'm always hyping perfetto, because it's *really really* cool! Lalit does amazing work and has been super helpful sharing his knowledge on both how to do things in perfetto and even how to add features to the code for things I found missing. So it's great to see his post about his presentation from the Tracing Summit.

One neat thing in the talk is the examples show how perfetto can also ingest and visualize perf and trace-cmd output if those tools for capturing data are more familiar then perfetto's own!

https://lalitm.com/perfetto-swiss-army-knife/

** Speaker announcement ** Our first speaker is @gregkh, Linux kernel developer and Fellow at
 @linuxfoundation.

Info & tickets:
https://2026.rustweek.org

Ahead of our CFP we will be announcing our invited speakers. Also want to speak at RustWeek? Our CFP opens Nov 1st.

#rustlang #rustweek2026

"This makes me 20% more productive!"
"So does cocaine."

@fn @ncopa Ouch, that's slow.

X is where you find the people who think they run the Internet.

Bluesky is where you find the people who think they ought to run the Internet.

Mastodon is where you find the people who actually do run the Internet, and kind of wish they didn't.

(WIth apologies to Yes, Minister)

@multisn8 Oops, yes, it is "GPD", I've now fixed the post, thanks for catching that.

So, this is what you meant, Arch Linux, right?

@sjvn @theregister Nice summary of my talk, thanks for doing that!

Greg Kroah-Hartman explains the Cyber Resilience Act for open source developers https://theregister.com/2025/09/30/cyber_reiliance_act_opinion_column/ via
@theregister & @sjvn

Greg K-H explains what #opensource developers need to know about the CRA, but why they don't need to be worried sick about it.