No one said rust was invulnerable.
Linux Kernel Rust Code Sees Its First CVE Vulnerability
Submitted 1 day ago by hal_5700X@sh.itjust.works to technology@lemmy.world
https://www.phoronix.com/news/First-Linux-Rust-CVE
Comments
john_t@piefed.ee 1 day ago
pryre@lemmy.world 1 day ago
I think the other takeaway here is that it was found in a section marked “unsafe”. At the very least, that’s a useful tool for the Devs to isolate potential problem areas. Comparing that to a pure C codebase where the problem could be anywhere.
hummingbird@lemmy.world 1 hour ago
The funny part is: the fix does not change the unsafe block at all. The issue is elsewhere in safe rust code.
vrighter@discuss.tchncs.de 3 hours ago
doesn’t change anything if you can’t avoid having to write the unsafe parts
BassTurd@lemmy.world 1 day ago
Boone? There are plenty of fan boys out there that are selling rust like AI, or in other words snake oil.
Rust obviously has built in securities that C doesn’t have, but a shitty coder is a shitty coder and bad QC is bad QC. Now we’re seeing the reality of the consequences.
Rust and/or other memory safe® languages are like the future, but hopefully more people are now seeing the cracks. Just look at cloudflare for a prime example.
some_guy@lemmy.sdf.org 1 day ago
Sucks to be the person who made that commit. Genuinely.
SapphironZA@sh.itjust.works 15 hours ago
Back luck Brian kernel developer.
Auster@thebrainbin.org 1 day ago
Surprised it took so long.
eager_eagle@lemmy.world 1 day ago
almost as if using a memory safe language actually reduces the CVEs related to memory
tekato@lemmy.world 16 hours ago
JavaScript would have prevented this.
isVeryLoud@lemmy.ca 14 hours ago
You’re so right! The Linux kernel should be re-written as a Deno executable