Linux Kernel 7.0.12 drops a tight batch of stability patches targeting Thunderbolt property parsing, AMD and Intel graphics drivers, and legacy serial port handling. The update squashes critical memory leaks and race conditions that previously caused ghost USB devices, display clock lockups, and kernel stack exhaustion on docked systems. Networking and storage drivers also get hardened against oversized protocol payloads, closing several remote and physical attack vectors. Users running hybrid laptops or relying on stable peripheral connections should apply the package to stop random hangs and restore proper hardware LED functionality.

Linux Kernel 7.0.12 Released With Critical Thunderbolt and GPU Fixes

Linux Kernel 7.0.12 just dropped, and this update brings a heavy dose of stability patches for networking, graphics, and peripheral drivers. The release focuses on squashing memory leaks, fixing race conditions in Thunderbolt property parsing, and resolving display glitches on recent AMD and Intel hardware. Users running hybrid laptops or relying on stable Thunderbolt docks should pay close attention to the driver corrections included here.

KVM, USB, and Peripheral Driver Corrections

The KVM arm64 subsystem finally gets its act together regarding nested MMU structures and translation cache references, which previously allowed concurrent invalidations to drop references too early and trigger use-after-free bugs. USB root hub descriptors on SuperSpeed ports get corrected to match the actual 3.2 specification, and Tegra systems stop spawning ghost devices when dual-role ports get unplugged. The mailbox framework also gains a sentinel value to properly handle NULL message support, which keeps the TX state machine from misinterpreting idle states as active requests. Serial port drivers see several quiet but important fixes, including proper SysRq character dispatching in 8250 and DW variants, bootconsole handover lockups on DECstation hardware, and DMA map leak corrections in the Freescale LPUART driver. These changes matter because legacy serial hardware often hangs or drops console output during boot, and the new fixes ensure the kernel actually dispatches the captured system keys instead of silently ignoring them. Systems freeze completely when a Thunderbolt dock is unplugged while a heavy GPU task is running, and this patch stops that ghost device behavior before it starts.

Linux Kernel 7.0.12 Graphics and Display Stability Updates

AMD GPU drivers receive multiple fixes for memory management, including integer overflow checks in the KFD debugger and bounds validation for GEM object mapping info. The changes also route out-of-memory failures through proper cleanup paths to stop leaked dma_resv locks from causing local denial of service. Intel i915 drivers get a critical fix for a potential use-after-free during TTM object purge, which previously caused general protection faults on DG2 hardware under heavy load. Power management code for SI GPUs stops blocking DC states when no displays are connected, fixing a regression that locked memory clocks at maximum frequency. Display color programming loops also get corrected to properly handle HDR pre-CSC LUT entries over 1.0. The graphics stack runs cleaner now, and users will notice fewer random freezes when switching between external monitors and laptop screens.

Thunderbolt and Networking Security Patches

Thunderbolt property parsing gets a hard limit on recursion depth to prevent crafted peer devices from exhausting the kernel stack. The parser also rejects directory lengths under four bytes to stop size_t underflows that previously led to out-of-bounds reads. Networking drivers get a few important treatments, including a fix for the rxrpc RESPONSE packet verification that improves the mitigation for CVE-2026-43500 by extracting UDP contents into a linear buffer instead of decrypting in place. iSCSI target drivers get bounds checks added to CHAP base64 decoding and login buffer appends, which stops heap overruns when initiators send oversized payloads. Fibre Channel transport code widens a loop counter to u32 to prevent infinite hangs from malformed FPIN frames. These network patches stop remote or physical attackers from triggering kernel panics through standard protocol exchanges. The old Thunderbolt parser was needlessly complex and allowed malicious peers to loop through property directories until the kernel stack collapsed, so the new recursion limit is a welcome cleanup.

What Users Should Know Before Upgrading

Patching this version requires rebuilding the kernel or installing the distribution package, but the changes directly impact system stability for anyone using Thunderbolt docks, AMD or Intel graphics, or legacy serial hardware. The Thunderbolt parser limits and iSCSI bounds checks close attack vectors that could be triggered by physical access or network initiators. Graphics drivers stop hanging on certain power state transitions, and serial port drivers finally dispatch magic system keys correctly instead of silently dropping them. Users running hybrid laptops should also notice the ALSA quirk additions that restore mute and mic-mute LED functionality on specific HP Envy models. The update lands quietly in the usual repositories. Check the distribution release notes to see if the package is ready, then apply it when the system is idle.

Linux kernel 7.0.12 released

Linux kernel version 7.0.12 is now available:

Full source: https://cdn.kernel.org/pub/linux/kernel/v7.x/linux-7.0.12.tar.xz
Patch: https://cdn.kernel.org/pub/linux/kernel/v7.x/patch-7.0.12.xz
PGP Signature: https://cdn.kernel.org/pub/linux/kernel/v7.x/linux-7.0.12.tar.sign

You can view the summary of the changes at the following URL:
https://git.kernel.org/stable/ds/v7.0.12/v7.0.11

Stay sharp, keep your drivers updated, and may your hotplugs never fail again.