Linux 7.0 Ships While AI Bug Hunters Reshape Security
Linux kernel 7.0 brings major file system improvements as Anthropic's AI bug-finding tool discovers decades-old vulnerabilities, changing cybersecurity forever.
Written by AI. Samira Okonkwo-Barnes
April 18, 2026

The Linux kernel just jumped to version 7.0, which sounds dramatic until you learn that Linus Torvalds picks version numbers by counting to twenty and starting over. The .0 designation means nothing about the magnitude of changes—except this time, it actually does mean something.
Linux 7.0 introduces a standardized API for file I/O error reporting across all file systems. Previously, each file system handled metadata corruption and I/O errors differently, creating an inconsistent mess. The new infrastructure gives file systems a uniform way to queue error reports for delivery to FSNotify, which matters if you care about knowing when your storage is failing before data disappears.
The XFS file system gained live health monitoring that delivers real-time information about file system events to user space through an anonymous file descriptor. A new daemon managed by systemd reads these events and initiates repairs automatically, though it won't block unmounting unless repairs are actively running. This is preventive maintenance automation, not just error logging.
Container deployment got faster through extensions to open_tree(2). The typical container setup involves cloning the entire mount namespace via clone(CLONE_NEWNS), then recursively unmounting everything you don't want, which is wasteful and slow. The new OPEN_TREE_NAMESPACE flag copies only the indicated mount tree and returns a file descriptor to a new mount namespace where that tree is already mounted. As Tunnell explains, "This allows OPEN_TREE_NAMESPACE to function as a combined unshare(CLONE_NEWNS) and a pivot_root." Translation: container runtimes can skip several expensive steps.
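The traditional step described above can be measured directly. This added example (not from the article, the video, or the kernel project) forks a child, calls unshare(CLONE_NEWUSER | CLONE_NEWNS), which copies the mount namespace the same way clone(CLONE_NEWNS) does, and counts the mounts the new namespace starts with. It assumes /proc is mounted and unprivileged user namespaces are enabled, returning -1 otherwise; the function names are illustrative.

```c
#define _GNU_SOURCE
#include <sched.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Count the mount entries visible to the calling process. */
static int count_mounts(void)
{
    FILE *f = fopen("/proc/self/mountinfo", "r");
    int c, n = 0;
    if (!f)
        return -1;
    while ((c = fgetc(f)) != EOF)
        if (c == '\n')
            n++;                      /* one line per mount */
    fclose(f);
    return n;
}

/* Mounts a fresh namespace starts with after the traditional
 * unshare(CLONE_NEWNS) step, or -1 if namespaces are unavailable.
 * Runs in a child so the caller's own namespaces are untouched;
 * CLONE_NEWUSER lets an unprivileged process own the new mount ns. */
static int inherited_mounts_after_unshare(void)
{
    int fds[2], n = -1;
    pid_t pid;
    if (pipe(fds) != 0)
        return -1;
    pid = fork();
    if (pid == 0) {
        if (unshare(CLONE_NEWUSER | CLONE_NEWNS) == 0)
            n = count_mounts();
        _exit(write(fds[1], &n, sizeof n) == (ssize_t)sizeof n ? 0 : 1);
    }
    close(fds[1]);
    if (pid < 0 || read(fds[0], &n, sizeof n) != (ssize_t)sizeof n)
        n = -1;
    close(fds[0]);
    if (pid > 0)
        waitpid(pid, NULL, 0);
    return n;
}

int main(void)
{
    printf("host mounts: %d, inherited: %d\n", count_mounts(), inherited_mounts_after_unshare());
    return 0;
}
```

Every inherited entry is a host mount the runtime must detach before the container starts; any it misses stays visible inside the container.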
The kernel also enabled Accurate ECN (RFC 9768) by default after experimental support in 6.18. Standard Explicit Congestion Notification only sends one feedback signal per round-trip time. Accurate ECN provides multiple signals per RTT in the TCP header, improving congestion handling for high-performance networking.
Btrfs added a logical remapping tree that will eventually act as an indirection layer for I/O operations. Instead of fixing up every tree during relocation, the file system records old and new addresses in the remap tree. This enables future improvements like larger data extents and reduced write amplification. Oh, and Linux 7.0 also supports Rock Band 4 guitars for PS4 and PS5, which tells you something about kernel development priorities.
When AI Finds 27-Year-Old Bugs
While kernel developers shipped incremental improvements, Anthropic announced Project Glasswing—and the security implications dwarf anything in a kernel changelog.
Anthropic's Claude Mythos Preview model can "surpass all but the most skilled humans at finding and exploiting software vulnerabilities," according to the company. They claim to have found thousands of high-severity bugs "including in every major operating system in every major web browser." The model discovered a 27-year-old vulnerability in OpenBSD that allows remote crashes just by connecting to the system. OpenBSD positions itself as the most security-hardened operating system available, used for firewalls and critical infrastructure.
The FFmpeg case demonstrates why this capability is unsettling: Mythos found a 16-year-old vulnerability in a line of code that automated testing tools had executed five million times without catching the flaw. As Tunnell notes, "These models may be especially useful at finding subtle logic or context-sensitive flaws that high volume automated testing misses. This is not just faster fuzzing."
Project Glasswing gives AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks early access to Mythos Preview for scanning their systems and open-source dependencies. Anthropic committed up to $100 million in usage credits and $4 million in open-source security donations. This is not a product launch—it's a coordinated defensive response before similar offensive capabilities proliferate.
The Linux kernel testing reveals both the promise and limits of AI exploit development. Mythos found kernel vulnerabilities and chained them into working privilege escalation paths, but "after several thousand scans, Mythos was unable to exploit many individual kernel bugs directly because of Linux's defense in depth." The model succeeded by combining multiple primitives—stitching together bugs that individually wouldn't matter.
Anthropic argues the immediate danger isn't zero-days but "n-days"—the window between patch release and exploit weaponization. Once a patch exists, attackers can reverse-engineer it and ask the model to generate a working exploit. "The patch gap may become the panic zone," Tunnell observes, "because the time between a fix landing and criminals weaponizing it could be getting smaller."
The Open Source Dilemma
Project Glasswing positions itself as democratizing access to capabilities previously concentrated in large security teams. But this framing immediately raises the platform lock-in question: if critical defensive work depends on a proprietary model, what happens when Anthropic changes terms or pricing?
The OpenSSF's OSS-CRS (Cyber Reasoning Systems) framework tries to address this by standardizing how autonomous bug-finding and bug-fixing systems operate across different environments and vendors. DARPA's AI Cyber Challenge already demonstrated that autonomous systems can find and patch vulnerabilities in critical open-source software.
But there's a catch that defenders need to internalize: in one reviewed set of 630 AI-generated patches, 20-40% were semantically incorrect despite passing automated validation. The security landscape change isn't "AI replaces security engineers." It's "AI massively increases the volume and speed of finding and exploiting attempts and patch proposals, which raises the value of good human triage."
Maintainers now face a flood of findings and plausible fixes. Separating genuinely secure patches from patches that only look correct to automation becomes the bottleneck. The old timeline—discover, patch, eventually exploit—is breaking down. What replaces it depends on whether defenders adopt these tools before attackers do, and whether the tooling remains accessible rather than locked behind proprietary APIs.
Meanwhile, Linux crossed 5% market share on Steam for the first time, reaching 5.33% in Valve's March 2026 hardware survey. The jump partly reflects survey methodology corrections—English-language users jumped to 39.09% while simplified Chinese fell to 22.75%—but the threshold still matters. Steam represents actual gaming usage, not desktop statistics inflated by enterprise deployments. At 5%, Linux is more than twice macOS's 2.35% on Steam.
For game developers, 5% starts moving Linux from "nice to have" toward "large enough to consider compatibility." Steam Deck accounts for 24.48% of Linux users in the survey, showing how Valve turned Linux into the operating system behind a major gaming platform. The trend line matters more than any single month: Linux gaming sat around 1% for years. Even a bad month now stays well above that baseline.
France announced plans to migrate government systems from Windows to Linux, citing digital sovereignty and reducing dependence on US technology. The government launched La Suite Numérique and Tchap as sovereign alternatives to Microsoft 365 and collaboration tools. This isn't a pilot program—it's procurement policy changing what software the French state will buy.
The open-source office suite world erupted in licensing disputes and forks. Nextcloud and IONOS forked ONLYOFFICE as Euro-Office, which ONLYOFFICE claims violates AGPL licensing terms. Separately, The Document Foundation removed Collabora developers from LibreOffice governance, prompting accusations from both sides about corporate control versus community governance.
These disputes reveal tensions inherent in open-source business models: projects need corporate sponsors for development resources, but corporate interests don't always align with community governance. The AGPL exists specifically to prevent proprietary forks of open-source software, yet interpretation of what constitutes compliance remains contentious.
What matters for policy isn't picking sides in office suite drama—it's recognizing that Europe's push for digital sovereignty is creating regulatory and procurement incentives for open-source alternatives to US-controlled platforms. Whether those alternatives succeed depends on technical execution, not just political will. The Document Foundation and Collabora need to resolve their governance dispute or risk fragmenting the LibreOffice ecosystem when European governments are finally willing to fund alternatives.
The AI security arms race Anthropic just accelerated will intersect with these sovereignty concerns. If frontier AI models become essential defensive tools, will European regulators accept dependence on US AI companies? Or will the EU AI Act's requirements push development of competing European models?
Security used to move slower than this. Patches took months to deploy. Exploits required specialized skills. Now AI can discover decades-old bugs in hardened systems and potentially weaponize patches within hours of release. The question isn't whether this changes everything—it's whether defenders can adapt fast enough to make the change survivable.
Watch the Original Video
Linux 7.0, France switches to Linux, 5% on Steam, Bazzite, Anthropic AI, & more Linux news
Michael Tunnell
46m 4s
About This Source
Michael Tunnell
Michael Tunnell is a well-regarded figure in the tech community, particularly among Linux and open-source software enthusiasts. With a subscriber base of 111,000, his YouTube channel delivers in-depth content on technology, Linux, AI, and more. As part of the TuxDigital media network, Tunnell hosts the 'This Week in Linux' news show, offering insightful and timely discussions on the latest tech developments.