Rust proposal targets 80 percent of linux kernel cves

Linux kernel maintainer Greg Kroah-Hartman presented a new Rust type at RustWeek 2026 that could prevent most security vulnerabilities. The approach focuses on handling untrusted data from userspace and hardware. It builds on existing Rust safety features already in the kernel.

Greg Kroah-Hartman spoke this week in Utrecht about a Rust-based proposal still under development. He said the Untrusted type would mark incoming data and force explicit validation before use. This change carries no runtime cost and aims to centralize checks for easier review. Kroah-Hartman has overseen every kernel security issue since 2005 and estimates the idea could remove around 80 percent of CVEs.

Relaterede artikler

Linux stable kernel maintainer Greg Kroah-Hartman has started using an AI-assisted fuzzing tool in a branch named 'clanker' to test the kernel codebase. The tool has already prompted fixes for vulnerabilities in subsystems like ksmbd and SMB. Patches from this effort now cover areas including USB, HID, WiFi, and networking.

Rapporteret af AI

Developers have released Linux kernel 7.0, featuring improvements for Intel and AMD hardware, enhanced storage handling, and the removal of the experimental label from Rust support. Linus Torvalds announced the update, which is not a long-term support version. The release includes preparations for upcoming CPUs and GPUs, alongside self-healing filesystem capabilities.

A security researcher has disclosed Dirty Frag, a new Linux kernel exploit that allows local users to gain root privileges. The flaw affects major distributions and remains unpatched on most systems despite earlier fixes for a similar issue.

Rapporteret af AI

Four days after the CopyFail (CVE-2026-31431) exploit disclosure disrupted Ubuntu services, the US government warned of its critical risks to Linux systems, urging immediate patching amid public exploit code.

Dette websted bruger cookies

Vi bruger cookies til analyse for at forbedre vores side. Læs vores privatlivspolitik for mere information.
Afvis