Linux Kernel Adopts Rust for New Code, Targeting 80% of 13 Daily CVEs
Updated
Updated · ZDNet · Jul 15
Linux Kernel Adopts Rust for New Code, Targeting 80% of 13 Daily CVEs
1 articles · Updated · ZDNet · Jul 15
Summary
Greg Kroah-Hartman said Linux maintainers have ended Rust’s experimental phase and will treat it as a first-class language, with some new subsystem drivers accepted only in Rust.
About 13 kernel CVEs a day and nearly nine changes an hour pushed the shift: Kroah-Hartman said roughly 80% of past vulnerabilities were trivial C mistakes Rust could have caught.
Some of the earliest hard moves are in complex areas such as graphics, while Android’s Binder already has parallel C and Rust versions and the C implementation is expected to be retired.
About 150 core maintainers review code from more than 5,000 developers, making Rust attractive because compile-time checks can cut reviewer workload and let maintainers focus on logic bugs.
Existing kernel code will not be rewritten wholesale; maintainers say the strategy is to use Rust for new work while Rust-driven API changes also make remaining C code safer.
As Rust replaces C, could the bridge between them become the kernel's new single point of catastrophic failure?
Can the kernel's gradual Rust adoption outpace AI tools that now find decade-old C vulnerabilities in mere hours?
Will Rust's steep learning curve shrink the contributor pool, trading memory safety for a long-term talent deficit?
Linux Kernel Security in Crisis: 1,117% Surge in CVEs Drives Permanent Rust Adoption
Overview
The Linux kernel is the backbone of modern computing, powering the majority of websites and Unix-family systems. Its widespread use has made it a prime target for malicious actors, turning Linux malware into a mainstream concern. This has led to an escalating security challenge, highlighted by a dramatic surge in reported vulnerabilities. In response, the Linux community is embracing Rust to address deep-rooted memory safety issues in the kernel’s vast C codebase. By integrating Rust, the goal is to reduce vulnerabilities and strengthen the security of the Linux kernel against evolving threats.