Hal-5700X@sh.itjust.works to Technology@lemmy.worldEnglish · edit-25 months agoLinux Kernel Rust Code Sees Its First CVE Vulnerabilitywww.phoronix.comexternal-linkmessage-square11linkfedilinkarrow-up1129arrow-down12
arrow-up1127arrow-down1external-linkLinux Kernel Rust Code Sees Its First CVE Vulnerabilitywww.phoronix.comHal-5700X@sh.itjust.works to Technology@lemmy.worldEnglish · edit-25 months agomessage-square11linkfedilink
minus-squareHal-5700X@sh.itjust.worksOPlinkfedilinkEnglisharrow-up10arrow-down5·5 months agoYou say that. But the CVE is a memory corruption bug.
minus-squareDave.@aussie.zonelinkfedilinkEnglisharrow-up39arrow-down2·5 months agoWhich is worse? Entire driver written in a non memory safe language? The interface to the rest of the kernel is marked as unsafe and then the other X percent is safe from memory corruption? Surely if X > 0 then this is still a net improvement?
minus-squaresik0fewl@lemmy.calinkfedilinkEnglisharrow-up6arrow-down1·5 months agoI don’t know, but I found this article interesting with respect to unsafe Rust - https://lightpanda.io/blog/posts/why-we-built-lightpanda-in-zig
minus-squareJustAnotherKay@lemmy.worldlinkfedilinkEnglisharrow-up7·5 months agoThey’re not calling Rust unsafe. There is a memory safe mode and a memory unsafe mode in Rust, and this was built in unsafe Rust which allowed for the memory bug to be exploited
minus-squareryannathans@aussie.zonelinkfedilinkEnglisharrow-up2arrow-down2·5 months agoYou don’t understand what unsafe means
You say that. But the CVE is a memory corruption bug.
Which is worse?
Surely if X > 0 then this is still a net improvement?
I don’t know, but I found this article interesting with respect to unsafe Rust - https://lightpanda.io/blog/posts/why-we-built-lightpanda-in-zig
They’re not calling Rust unsafe. There is a memory safe mode and a memory unsafe mode in Rust, and this was built in unsafe Rust which allowed for the memory bug to be exploited
You don’t understand what unsafe means