In the latest version of the Linux 6.18 kernel, a vulnerability in the Binder interprocess communication mechanism written in the Rust language has been successfully fixed. The vulnerability, identified as CVE-2025-68260, was caused by a race condition during operations in unsafe blocks that manipulated pointers to elements in a list. If exploited, the vulnerability in Binder could only result in a system crash without causing memory corruption.
Greg Kroah-Hartman, the maintainer of the stable branch of the Linux kernel, commented on this vulnerability stating that while Rust cannot solve all security issues, it does provide protection against certain types of vulnerabilities. It is worth noting that in addition to the Binder vulnerability, information was released yesterday regarding a total of 159 vulnerabilities in various components of the Linux kernel written in C.