Hal-5700XDec 17

Linux Kernel Rust Code Sees Its First CVE Vulnerability

https://sh.itjust.works/post/51782957

Linux Kernel Rust Code Sees Its First CVE Vulnerability - sh.itjust.works

Lemmy

Show threadjohn_tDec 18
No one said rust was invulnerable.
Show threadBassTurdDec 18

Boone? There are plenty of fan boys out there that are selling rust like AI, or in other words snake oil.

Rust obviously has built in securities that C doesn’t have, but a shitty coder is a shitty coder and bad QC is bad QC. Now we’re seeing the reality of the consequences.

Rust and/or other memory safe® languages are like the future, but hopefully more people are now seeing the cracks. Just look at cloudflare for a prime example.

Show threadPup BiruDec 19
the cloudflare issues were configuration… they have nothing even remotely relayed to any of this
Show threadPushButton
thread fl2_worker_thread panicked: called Result::unwrap() on an Err value
Cloudflare outage on November 18, 2025

Cloudflare suffered a service outage on November 18, 2025. The outage was triggered by a bug in generation logic for a Bot Management feature file causing many Cloudflare services to be affected.

The Cloudflare Blog
Dec 19 at 5:11amWeb
Show threadPup BiruDec 19

The software had a limit on the size of the feature file that was below its doubled size. That caused the software to fail.

this is not a rust problem… nor was the original problem of code writing entries to a file multiple times, and nor is the thing that made it worse: propagation of the poisoned file