New Root Kernel Bug - Dirty Frag

What do you mean? Why would you want to update 7.0.3-1 to 7.0.3-2 (I am assuming that’s what you meant), when you already have 7.0.4 and 7.0.5? Actually, the current kernel, at least for zen4 arch, is 7.0.6-1-cachyos.

cachyos is the repository for v1 CPUs—the very old ones. These still have kernel version 7.0.3 or older. They should either be updated to 7.0.6 or simply deleted.

All of these kernels still have the dirty frag bug because they haven’t been updated. So it’s dangerous to keep using these kernels. And kernels like linux-cachyos-cacule will probably never receive another update because cacule is no longer being developed.

That’s what you mean by v1… To me, that doesn’t make 100% sense, although I do understand your reaction. If they deleted kernels, many people would not be able to use them. Patching and testing them properly takes time and resources. This is a community distro, so people who want a patched kernel can download and compile their own, or even create PKGBUILDs for AUR for example, contact CachyOS devs and offer support etc.

Btw I don’t think the issue is as serious as you might be implying. It requires either a multi-user environment (CachyOS is super rarely used in such a setting) or an already compromised system (e.g. you download and install a malicious package), in which case many users would stop using the system anyway.

Lol, I was about to write that dirty frag would still make the situation worse, but then I realized that’s not even the case, at least from my understanding. The installers (normally) run with root privileges anyway.

Edit:

I forgot to mention an obvious workaround: to simply blacklist esp and rxrpc kernel modules. 99.9% of users don’t need them.

Next kernel vulnerability:

With these privilege escalation vulnerabilities showing up more often, it’s good to check from time to time that there are no unwanted users in your system.

cat /etc/passwd

Everything with nologin at the end is safe. There should only be root & your account (and the accounts of the family members if it’s a family computer) that should have access to a shell. I think in the future malware will just add new user accounts and attackers will then use the privilege escalation flavour of the week to get root access to your computer. Especially if you install software from AUR, GitHub, GitLab, etc., this is a good way to see if you are still safe.
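The account check described in the post above, written as a filter instead of reading the raw file by eye. This is an added example, not part of the original thread. The function names `sample_passwd` and `login_accounts` are hypothetical, the sample entries are constructed, and it goes slightly beyond the post by also flagging extra UID 0 accounts and empty shell fields.

```shell
#!/bin/sh
# Added example: list accounts in a passwd-format file that can get a shell.

# Constructed sample data (not from any real system).
sample_passwd() {
    cat <<'EOF'
root:x:0:0::/root:/bin/bash
bin:x:1:1::/:/usr/bin/nologin
http:x:33:33::/srv/http:/usr/bin/nologin
git:x:971:971::/srv/git:/bin/false
alice:x:1000:1000:Alice:/home/alice:/bin/zsh
helper:x:0:0::/var/tmp:/bin/sh
EOF
}

# Usage: login_accounts [FILE]   (FILE defaults to /etc/passwd, "-" reads stdin)
login_accounts() {
    awk -F: '
        /^#/ || NF == 0 { next }                 # skip comments and blank lines
        NF != 7 { print "malformed: " $0; next } # passwd entries have 7 fields
        {
            shell = ($7 == "") ? "/bin/sh" : $7  # empty shell field means /bin/sh
            if (shell ~ /\/(nologin|false)$/) next
            note = ($3 == 0 && $1 != "root") ? " [UID 0 but not root]" : ""
            printf "%s uid=%s shell=%s%s\n", $1, $3, shell, note
        }
    ' "${1:-/etc/passwd}"
}

# Demo on the constructed sample; run `login_accounts` with no argument
# to check the real /etc/passwd.
sample_passwd | login_accounts -
```

Saving the output once and diffing later runs against it makes a newly added account stand out.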

A bit many, lately…

We will see a lot more. AI has become so strong that people use it to find those security holes. IMHO that’s good, every found & fixed security hole is a good one. This makes the work of the 3 Letter agencies much harder :wink:

Next one:

At least some of these were certainly known and exploited by hackers before being discovered with AI and fixed, so it is definitely a good thing in the long term. In the short term, expect more turbulence ahead.

Things are even worse on the Windows side of things… a BitLocker backdoor was recently discovered and published, which would be like finding a way around the LUKS full disk encryption password prompt. The researcher who discovered it appears to believe it was left there intentionally.

Depends on a PoV. None of these are remote vulnerabilities. For most normal users LUKS does have an advantage over BitLocker because it doesn’t auto decrypt the drive (Default behavior).

That aside, these attacks don’t only require local access, but physical local access.

There are well known attack vectors and attacks that can compromise LUKS btw. Full disk encryption doesn’t really exist in our regular Linux realm. There’s always an unencrypted stub that can be manipulated, however yes this requires physical access to the device (Like an evil maid attack). As long as there is an unencrypted stub like unencrypted /boot or EFI—which is always unencrypted—these can be used to replace/compromise the kernel, steal password etc.

To spare us a few exchanges: Secure boot can be disabled, BIOS can be reset, even enterprise secured BIOSes can be wiped by using a cheap SPI flasher (Someone who’s committed and capable of performing an evil maid attack will have one. Every computer/phone shop will probably have one). And there are other ways.

All systems can be “hacked”, it’s just a matter of resources, time and incentive.

and kernel 7.0.8 is out to fix it

It’s astounding how fast these fixes arrive :clap: :clap: :clap: