Linux Kernel 6.6.133 Released with Stability Fixes After Panic Patch Revert
The latest stable update for the long-term support branch is out, but it comes with a bit of a twist regarding how file attributes are handled. Linux Kernel 6.6.133 includes a quick correction to prevent system crashes that slipped through initial testing. Users should know this patch fixes an issue where invalid file descriptors triggered kernel panics during extended attribute operations.
Why the previous update caused problems
The development team at Kernel.org caught a nasty bug in the backporting process before anyone else noticed it. A change meant to modernize how file descriptor classes are handled accidentally removed necessary safety checks for older systems. This oversight meant that calling specific functions with bad file handles could crash the entire kernel instead of just failing gracefully. It is a classic case where trying to clean up code made things worse for edge cases involving security tools like grsecurity.
There was a report from Brad Spengler highlighting exactly how this flaw exposed systems to instability during extended attribute calls. One admin might have been running automated scripts that check file metadata and suddenly found their server rebooting without warning. This kind of silent failure is what keeps sysadmins awake at night when they are not supposed to be monitoring logs.
Linux kernel 6.6.133 released
Linux kernel version 6.6.133 is now available:
Full source: https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.6.133.tar.xz
Patch: https://cdn.kernel.org/pub/linux/kernel/v6.x/patch-6.6.133.xz
PGP Signature: https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.6.133.tar.sign
You can view the summary of the changes at the following URL:
https://git.kernel.org/stable/ds/v6.6.133/v6.6.132
Stay safe and keep those logs clean.
