CISA has issued an urgent alert about a critical use-after-free vulnerability in the Linux kernel, tracked as CVE-2024-1086. This vulnerability, hidden within the netfilter: nf_tables component, allows local attackers to escalate their privileges and potentially deploy ransomware, which could severely disrupt enterprise systems worldwide.

This vulnerability, hidden within the netfilter: nf_tables component, allows local attackers to escalate their privileges and potentially deploy ransomware, which could severely disrupt enterprise systems worldwide.

  • aubeynarf@lemmynsfw.comEnglish
    61·
    2 days ago

    Your link has nothing to do with bugs in Rust. It says attackers are writing their tools in Rust, which is making the attack tools more robust.

    attackers are smart, adaptable types, and they’ve discovered a different angle: malware written in Rust often shields itself using the very design principles we admire about the language. For us, as defenders, this means a steep learning curve and a shift in focus. Let’s break this down.

    • just_another_person@lemmy.worldEnglish
      24·
      2 days ago

      🤦 It’s not necessarily about bugs in Rust-lang, though you can lookup CVEs if you want. The point is that ANY software, by default, will have bugs and exploits. Doesn’t matter if it’s Rust or C. You can exploit at the core, or at implementation. It’s just matter of time and effort, as they say.

      Just flat out saying Rust, or software written in Rust is be default is secure, is a fool’s assertion. Sure it’s LESS LIKELY to have a memory exploit, but that’s where that assertion ends.

      • aubeynarf@lemmynsfw.comEnglish
        1·
        18 hours ago

        Just flat out saying Rust, or software written in Rust is be default is secure, is a fool’s assertion.

        Who said that, Mr. Strawman?

        It’s clearly better from both language feature and security standpoint and the community is behind it. What’s the problem?

        did you mean to post a different link?