CISA has issued an urgent alert about a critical use-after-free vulnerability in the Linux kernel, tracked as CVE-2024-1086. This vulnerability, hidden within the netfilter: nf_tables component, allows local attackers to escalate their privileges and potentially deploy ransomware, which could severely disrupt enterprise systems worldwide.

This vulnerability, hidden within the netfilter: nf_tables component, allows local attackers to escalate their privileges and potentially deploy ransomware, which could severely disrupt enterprise systems worldwide.

  • turdas@suppo.fiEnglish
    1·
    18 hours ago

    Whatever % of people that “fail” this test, is much higher than the 0% of people that would do so using rusts’ compiler.

    Of course, programs that don’t pass the borrow checker can be totally memory safe, but that would need to be analyzed on a case by case basis.

    Programs that do pass the borrow checker aren’t guaranteed to be totally memory safe, so the number isn’t actually 0% for Rust either: https://github.com/Speykious/cve-rs

    • calcopiritus@lemmy.worldEnglish
      1·
      11 hours ago

      Yes, I know about that one. That is code made specifically to reproduce a bug in the compiler. Unless you do it on purpose, there’s no way you’d get hit by it. If it were, they would have fixed it, it’s been known for several years.