Linux Is Getting a Security Wake-up Call - Why It Was Inevitable and I'm Not Worried
Sasha Levin’s patch would let administrators disable vulnerable kernel functions at runtime until fixes arrive, a stopgap aimed at two recent zero-days.
- Linux stable kernel co-maintainer Sasha Levin recently proposed a patch enabling a runtime killswitch for vulnerable kernel functions, allowing administrators to quickly disable affected code.
- Following the recent disclosure of Copy Fail and Dirty Frag, developers introduced the proposal to mitigate high-severity flaws as hackers increasingly identify weaknesses in the kernel.
- If adopted, the feature would render specific functions unusable until proper patches arrive through the kernel's securityfs interface, though it risks system instability.
- Maintainers emphasize this feature serves as a temporary safeguard rather than a replacement for patching, as the tool is not intended for general-purpose use.
- Given the rise of vulnerabilities, the Linux community continues working to improve security; users should remain diligent about upgrading systems daily as developers address evolving threats.
11 Articles
11 Articles
'For many such issues the simplest mitigation is to stop calling the buggyfunction. Killswitch provides that': Experts propose Linux kernel "killswitch" following worrying recent security issues
A maintainer wants a first-aid kit for the Linux kernel and a proposal is currently being reviewed.
The Arch-based operating system CachyOS trimmed on gaming performance has secured all of its offered kernel variants against the serious security vulnerabilities Dirty Frag and Copy Fail - and that remarkably fast.
Nvidia Engineer Proposes Linux Kernel Killswitch to Disable Vulnerable Functions Before Patches Land
Nvidia engineer Sasha Levin has introduced a new mechanism for the Linux kernel that allows privileged operators to temporarily disable specific kernel functions. This can be done by returning a fixed value instead of executing the function, serving as a stopgap security measure while official patches are being developed.Levin explained that this "killswitch" enables a privileged operator to make a chosen kernel function return a predetermined v…
A maintainer proposes to add a "kill switch" to the Linux kernel after the recent disclosure of several critical vulnerabilities but its impact on system stability is causing debateThe developers of the Linux kernel are considering a proposal to incorporate an emergency shutdown button (kill switch). This proposal follows the recent discovery of major security flaws in the kernel. The kill switch would allow administrators to instantly disable f…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
