- cross-posted to:
- technology@lemmy.world
- hackernews
- cross-posted to:
- technology@lemmy.world
- hackernews
The first CVE vulnerability has been assigned to a piece of the Linux kernel’s Rust code.
Greg Kroah-Hartman announced that the first CVE has been assigned to a piece of Rust code within the mainline Linux kernel.
This first CVE for Rust code in the Linux kernel pertains to the Android Binder rewrite in Rust. There is a race condition that can occur due to some noted unsafe Rust code. That code can lead to memory corruption of the previous/next pointers and in turn cause a crash.
You must log in or register to comment.
race condition … unsafe… memory corruption of the previous/next pointers… crash.
I expected this for long enough. I am satisfied. Good. I wait for more.
Rust cannot help you if you disable the safety features, go figure.
How’s the weather up there, on your high horse?
Rust wasn’t meant to be the be-all, end-all solution to safety and soundness; it’s meant to be better than the alternatives, confining potential memory safety issues to explicitly-annotated
unsafeblocks.But, hey. That’s okay. With that kind of gloating attitude, I’m sure your code is 100% safe and vulnerability free, too. Just remind me to never step foot anywhere near an industrial system or operating system using it.
small
