Rust will save Linux from AI, says Greg Kroah-Hartman
Briefly

Linux is facing a rapid increase in serious security vulnerabilities discovered by AI-based bug detection. Kernel maintainer Greg Kroah-Hartman links the surge to long-standing classes of bugs common in C, including unchecked error conditions, forgotten locks, and unreleased memory. He cites examples such as a long-standing Bluetooth bug that dereferenced a pointer without checking it and a Xen issue where a lock was not unlocked on an error path. He reports that the kernel team is issuing many CVEs per day and argues that Rust is one of the few realistic approaches to significantly reduce these bug types. He expects more Linux code to be written in Rust going forward.
"I'm here to talk about untrusted data and Linux, and how Rust is going to save us." After "a long month or two on the kernel security list," he pushed that point even further: "I'm going to make even a bolder statement and say, 'You are going to save Linux.' Sorry, it's all on you."
What he was talking about was the sudden flood of serious Linux security holes being discovered, such as Dirty Frag, Copy Fail, and Fragnesia, that have come to light thanks to the latest AI bug-detection programs. As a result, Kroah-Hartman, who has "seen every single kernel security bug ever" since 2005, said the kernel team is now issuing "13 CVEs [Common Vulnerabilities and Exposures] a day, or something, something crazy."
He thinks Rust is one of the few realistic ways to slash the class of bugs that come from C's traditional error-handling and resource-management pitfalls. Kroah-Hartman illustrated those pitfalls with real C bugs in the kernel, including a 15-year-old Bluetooth bug that dereferenced a pointer without checking it and a Xen bug where "we forgot to unlock" in an error path.
"The majority of the bugs in the kernel are this tiny, minor stuff," he explained. "Error conditions aren't checked, locks aren't forgotten, unreleased memories leak, and vulnerabilities add up over time. They crash the kernel."
Read at ZDNET