Quotes of the week
Rust is is not a "silver bullet" that can solve all security problems, but it sure helps out a lot and will cut out huge swatches of Linux kernel vulnerabilities as it gets used more widely in our codebase.— Greg Kroah-HartmanThat being said, we just assigned our first CVE for some Rust code in the kernel: https://lore.kernel.org/all/2025121614-CVE-2025-68260-558d@gregkh/ where the offending issue just causes a crash, not the ability to take advantage of the memory corruption, a much better thing overall.
Note the other 159 kernel CVEs issued today for fixes in the C portion of the codebase, so as always, everyone should be upgrading to newer kernels to remain secure overall.
If you can't convince the [Linux security module] people to take your code, you sure can't convince me.— Linus TorvaldsI already think we have too many of those pointless things. There's a fine line between diversity and "too much confusion because everybody thinks they know best". And the linux security modules passed that line years ago.