{"id":243451,"date":"2026-05-11T04:30:00","date_gmt":"2026-05-11T08:30:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/11\/linux-is-getting-a-kill-switch\/"},"modified":"2026-05-11T04:55:07","modified_gmt":"2026-05-11T08:55:07","slug":"linux-is-getting-a-kill-switch","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/11\/linux-is-getting-a-kill-switch\/","title":{"rendered":"Linux is Getting a Kill Switch!"},"content":{"rendered":"<p><a href=\"https:\/\/itsfoss.com\/news\/linux-killswitch-proposal\/\">Linux is Getting a Kill Switch!<\/a><\/p>\n<p><a href=\"https:\/\/itsfoss.com\/news\/linux-killswitch-proposal\/\">https:\/\/itsfoss.com\/news\/linux-killswitch-proposal\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-11 04:30:00<\/a><\/p>\n<p>Source Domain: <a href=\"itsfoss.com\">itsfoss.com<\/a><\/p>\n<p>Sasha Levin, NVIDIA engineer and co-maintainer of the stable and long-term support kernel trees, has proposed a new patch that adds a mechanism called <strong>killswitch<\/strong> to the Linux kernel.<\/p>\n<p>It&#8217;s pitched as a way for system administrators to disable a vulnerable kernel function on a running system, and the timing of it isn&#8217;t a coincidence either. The patch follows the rising risk of Linux Privilege Escalation (LPE) vulnerabilities like Copy Fail and Dirty Frag.<\/p>\n<h2 id=\"what-is-it\">What is it?<\/h2>\n<p><img decoding=\"async\" src=\"https:\/\/itsfoss.com\/content\/images\/2026\/05\/linux-kernel-killswitch-proposal.png\" class=\"kg-image\" alt=\"this cropped screenshot shows a post by sasha levin on the linux kernel mailing list regarding his killswitch proposal\" loading=\"lazy\" width=\"885\" height=\"778\" srcset=\"https:\/\/itsfoss.com\/content\/images\/size\/w600\/2026\/05\/linux-kernel-killswitch-proposal.png 600w, https:\/\/itsfoss.com\/content\/images\/2026\/05\/linux-kernel-killswitch-proposal.png 885w\" sizes=\"(min-width: 720px) 720px\"\/><\/p>\n<p>The Linux kernel is built out of many thousands of small functions, each handling a specific job, like processing a network packet, opening a file, or talking to a USB device. When a security flaw shows up in one of these functions, the proper fix is to patch the code and ship a new kernel.<\/p>\n<p>What killswitch entails is a more &#8220;<strong>must exterminate<\/strong>&#8221; approach, where the admin gives the kernel a function name and a return value. From that point on, the function still gets called by whatever was calling it, but it just hands back that value and exits. The actual code inside never runs.<\/p>\n<p>In practice, that means a single line at the terminal:<\/p>\n<p>echo &#8220;engage af_alg_sendmsg -1&#8221;<br \/>\n         \/sys\/kernel\/security\/killswitch\/control<\/p>\n<p>After this, every program trying to send data through AF_ALG (the kernel cryptography interface Copy Fail also exploited) gets an error back. Whatever bug sat in af_alg_sendmsg is now unreachable because the function never actually executes.<\/p>\n<p>The effect kicks in across every CPU core immediately, and it lasts until the admin disengages it or the system reboots. Engaging anything requires root privileges.<\/p>\n<p>There&#8217;s also a boot parameter version killswitch=fn1=val,fn2=val,&#8230;, for cases where <strong>an operator needs to apply the mitigation across a whole fleet of machines<\/strong> through the bootloader.<\/p>\n<p>Sasha points at AF_ALG, ksmbd, nftables, vsock, and ax25 as good candidates for this patch, saying that:<\/p>\n<p>For most users, the cost of &#8220;this socket family stops working for the day&#8221; is<br \/>much&#8230;<br \/>\n<br \/><a href=\"https:\/\/itsfoss.com\/news\/linux-killswitch-proposal\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Linux is Getting a Kill Switch! https:\/\/itsfoss.com\/news\/linux-killswitch-proposal\/ Publish Date: 2026-05-11 04:30:00 Source Domain: itsfoss.com Sasha&#8230;<\/p>\n","protected":false},"author":1,"featured_media":243454,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/itsfoss.com\/content\/images\/2026\/05\/linux-killswitch-banner.png","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[89,71,57],"class_list":["post-243451","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-flaw","tag-linux","tag-security"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/243451"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=243451"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/243451\/revisions"}],"predecessor-version":[{"id":243455,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/243451\/revisions\/243455"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/243454"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=243451"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=243451"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=243451"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}