JavaScript would have prevented this.
Linux Kernel Rust Code Sees Its First CVE Vulnerability
Submitted 1 month ago by hal_5700X@sh.itjust.works to technology@lemmy.world
https://www.phoronix.com/news/First-Linux-Rust-CVE
Comments
tekato@lemmy.world 1 month ago
isVeryLoud@lemmy.ca 1 month ago
You’re so right! The Linux kernel should be re-written as a Deno executable
some_guy@lemmy.sdf.org 1 month ago
Sucks to be the person who made that commit. Genuinely.
SapphironZA@sh.itjust.works 1 month ago
Back luck Brian kernel developer.
Auster@thebrainbin.org 1 month ago
Surprised it took so long.
eager_eagle@lemmy.world 1 month ago
almost as if using a memory safe language actually reduces the CVEs related to memory
john_t@piefed.ee 1 month ago
No one said rust was invulnerable.
pryre@lemmy.world 1 month ago
I think the other takeaway here is that it was found in a section marked “unsafe”. At the very least, that’s a useful tool for the Devs to isolate potential problem areas. Comparing that to a pure C codebase where the problem could be anywhere.
hummingbird@lemmy.world 1 month ago
The funny part is: the fix does not change the unsafe block at all. The issue is elsewhere in safe rust code.
vrighter@discuss.tchncs.de 1 month ago
doesn’t change anything if you can’t avoid having to write the unsafe parts
BassTurd@lemmy.world 1 month ago
Boone? There are plenty of fan boys out there that are selling rust like AI, or in other words snake oil.
Rust obviously has built in securities that C doesn’t have, but a shitty coder is a shitty coder and bad QC is bad QC. Now we’re seeing the reality of the consequences.
Rust and/or other memory safe® languages are like the future, but hopefully more people are now seeing the cracks. Just look at cloudflare for a prime example.