Rustproofing Linux (nccgroup)

The nccgroup blog is carrying a
four-part series
by Domen Puncer Kugler on how vulnerabilities can make
their way into device drivers written in Rust.

In other words, the CONFIG_INIT_STACK_ALL_ZERO build
option does nothing for Rust code! Developers must be cautious to
avoid shooting themselves in the foot when porting a driver from C
to Rust, especially if they previously relied on this config option
to mitigate this class of vulnerability. It seems that kernel info
leaks and KASLR bypasses might be here to stay, at least, for a
little while longer.

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Generated by Feedzy