Comment by ActorNightly

6 months ago

>Show me a nontrivial project in either of those languages that has never had a memory safety issue

I mean, the Linux kernel is a pretty good example. Static analyzers and things like valgrind exist for a reason.

There have been over a thousand memory safety CVEs in the kernel this year alone [0], the most recent published 2 days ago. Most of these aren't exploitable and are caught before stable, so I went to LWN instead and "scrolled down" until I saw an article that mentioned a memory safety vuln in stable kernels. "Scrolled down" is in quotes because there was no scrolling involved. Today's Friday security updates post links USN-7861-3 [1], which includes fixes for memory safety issues like CVE-2025-37838 [2].

[0] https://www.cvedetails.com/vulnerability-list/vendor_id-33/p...

[1] https://lwn.net/Articles/1046495/

[2] https://nvd.nist.gov/vuln/detail/CVE-2025-37838