Seven stable kernels for the first day of June [LWN.net]

Greg Kroah-Hartman has announced the release of the 7.0.11, 6.18.34, 6.12.92, 6.6.142, 6.1.175, 5.15.209, and 5.10.258 stable kernels. As usual, each contains important fixes throughout the tree, including a fix for the "CIFSwitch" vulnerability (CVE-2026-46243) which could allow a local-privilege-escalation exploit. Users are advised to upgrade.

to post comments

Unprivileged user namespaces...

Posted Jun 2, 2026 10:50 UTC (Tue) by Lionel_Debroux (subscriber, #30014) [Link] (1 responses)

... keep being a source of vulnerabilities (typically LPE) by themselves occasionally, or a component of some LPE chains.
It looks like the benefit of disabling unprivileged user namespaces on my computers and customers' computers (various distros, and among other well-known Linux kernel security offenders) for years keeps increasing.

Unprivileged user namespaces...

Posted Jun 3, 2026 4:11 UTC (Wed) by ebiederm (subscriber, #35028) [Link]

Disabling them is entirely reasonable if you don't need them.

However don't congratulate yourself too much. In almost all cases I have reviewed the problem case is still exploitable with unprivileged user namespaces disabled. It is just trickier. The mentioned CVE looks like it could be exploitable without being able to create your own mount namespace it would just be trickier.

In a lot of cases what unprivileged user namespaces accomplish in practice is to make it easy enough to exploit a bug that people take the bug seriously and get it fixed.