Linux kernel 7.0.2 drops critical SMB fixes and clears up FUSE race conditions
The Linux kernel 7.0.2 stable release lands with a heavy focus on network file sharing stability and memory safety across several core subsystems. Users running custom kernels or relying on third-party storage drivers will want to patch immediately, especially if they share files over the network or use FUSE-based mounts. This update quietly patches a dozen security holes while smoothing out some of the rougher edges in the filesystem and crypto layers.
Linux kernel 7.0.2 patches SMB server and client for dangerous memory bugs
The ksmbd driver took the biggest hit in this release, with multiple commits targeting out-of-bounds writes and integer overflows that could crash a file server or leak kernel heap data to unprivileged processes. Several fixes address how the server handles access control lists and connection counts, which means systems running SMB shares will stop rejecting legitimate connections after hitting artificial limits. The client side also gets tightened up to validate directory entries and security descriptors before copying them into userspace, closing paths that malicious servers could exploit to read past allocated buffers. Anyone who has ever watched a network share freeze during heavy file transfers or noticed permission checks acting weirdly will see those issues disappear once the patch lands. The connection counting logic was completely broken for anyone running multiple channels on the same session, and honestly it should have been caught before hitting stable.
FUSE and F2FS get tighter bounds checking to prevent crashes
FUSE mounts have been plagued by a few nasty race conditions that could hang the system during synchronous initialization or overflow page cache pages with oversized directory entries. The new code forces proper waits for device initialization and rejects any dirent that exceeds standard page boundaries, which stops those silent memory corruptions dead in their tracks. F2FS also gets attention for use-after-free bugs triggered during concurrent unmounts and writeback operations, alongside a fix for an uninitialized value access that automated fuzzers had been flagging repeatedly. These changes keep the filesystem from tripping over itself when multiple threads try to trim space or rename files at the same time. The race window was narrow enough that most desktop users never noticed it, but server workloads running heavy backup jobs will definitely feel more stable after applying this update.
AMDGPU IRQ safety and crypto callback chains get sorted out
The AMDGPU driver finally swaps its legacy ID allocator for an XArray structure that handles interrupt contexts without deadlocking, which should quiet down those random GPU hangs on systems with heavy compute workloads or virtualized graphics passthrough. Crypto drivers see a few targeted fixes too, including a krb5enc patch that restores missing hash verification during asynchronous decryption and a ccp driver update that stops copying firmware blobs to userspace when commands fail. The ALSA subsystem quietly adds quirks for specific laptop speakers and USB audio interfaces, so the usual crackling or muted output issues on certain hardware should resolve without manual config tweaks. These are the kinds of changes that never make it into marketing emails but keep the underlying system from segfaulting when a user plugs in an obscure DAC or runs a background encryption task.
Linux kernel 7.0.2 released
Linux kernel version 7.0.2 is now available:
Full source: https://cdn.kernel.org/pub/linux/kernel/v7.x/linux-7.0.2.tar.xz
Patch: https://cdn.kernel.org/pub/linux/kernel/v7.x/patch-7.0.2.xz
PGP Signature: https://cdn.kernel.org/pub/linux/kernel/v7.x/linux-7.0.2.tar.sign
You can view the summary of the changes at the following URL:
https://git.kernel.org/stable/ds/v7.0.2/v7.0.1
Grab the tarball if you compile your own kernels or just wait for your distro to push the update through their stable repos. The network sharing fixes alone make this worth installing before the next wave of automated vulnerability scanners hits.
