> > That being said, we just assigned our first CVE for some Rust code in the kernel:

jackrabbit1997 • yesterday at 7:28 PM • 1 reply • view on HN

> > That being said, we just assigned our first CVE for some Rust code in the kernel: https://lore.kernel.org/all/2025121614-CVE-2025-68260-558d@g... where the offending issue just causes a crash, not the ability to take advantage of the memory corruption, a much better thing overall.

That indicates that Greg Koah-Hartman has a very poor understanding of Rust and the _unsafe_ keyword. The bug can, in fact, exhibit undefined behavior and memory corruption.

His lack of understanding is unfortunate, to put it very mildly.

Replies

n2d4 • yesterday at 7:54 PM

What are some compiler flags that would compile the code such that an attacker could take advantage? And what would the attack be?

Or is this just a theoretical argument, "it is hypothetically possible to create a technically-spec-compliant Rust compiler that would compile this into dangerous machine code"? If so it should still be fixed of course, but if I'm patching my Linux kernel I'd rather know what the practical impact is.

➕ show 2 replies

alt Hacker News

Replies