Linux Kernel Goes Full Speed Ahead on Rust as AI Tools Uncover 13 CVEs a Day
Updated
Updated · ZDNet · May 27
Linux Kernel Goes Full Speed Ahead on Rust as AI Tools Uncover 13 CVEs a Day
2 articles · Updated · ZDNet · May 27
Linux kernel maintainers have ended Rust’s experimental status and are pushing wider adoption after a surge in AI-found security findings, Greg Kroah-Hartman said at Rust Week.
13 CVEs a day are now hitting the kernel security list, he said, with many flaws tied to C error handling, locking mistakes and memory-management bugs that Rust can catch at build time.
60% of kernel bugs could disappear through Rust’s compile-time checks, Kroah-Hartman argued, and combining Rust with new “untrusted data” validation could eventually eliminate 80% of CVEs.
113,000 lines of Rust are already in a 36 million-line kernel, mostly bindings, and maintainers expect new drivers and some Android Binder code to shift toward Rust over the next year or two.
Rust is not being pitched as a full rewrite or a silver bullet, but as an evolutionary path that also cleans up C interfaces and makes scarce maintainer review time more effective.
Can Rust really eliminate 80% of Linux bugs, or will it just create new, more subtle flaws?
Will Rust's promise of a safer Linux kernel come at the cost of slower performance and development?
Linux Security in 2025: AI Fuels CVE Explosion as Rust Integration Targets Memory Safety
Overview
The report highlights how the rapid integration of Artificial Intelligence into development and security processes has led to an unprecedented surge in Common Vulnerabilities and Exposures (CVEs), especially within the Linux kernel. This increase is driven by the Linux kernel team's conservative approach, where nearly every bug is classified as a potential vulnerability, resulting in a dramatic rise in reported issues. The growing use of AI in vulnerability discovery and reporting introduces new challenges for managing and remediating these vulnerabilities, making it harder for organizations to keep up with the evolving cybersecurity landscape.