{"id":243842,"date":"2026-05-11T13:35:00","date_gmt":"2026-05-11T17:35:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/11\/for-many-such-issues-the-simplest-mitigation-is-to-stop-calling-the-buggyfunction-killswitch-provides-that-experts-propose-linux-kernel-killswitch-following-worrying-recent-security-issues\/"},"modified":"2026-05-11T14:50:07","modified_gmt":"2026-05-11T18:50:07","slug":"for-many-such-issues-the-simplest-mitigation-is-to-stop-calling-the-buggyfunction-killswitch-provides-that-experts-propose-linux-kernel-killswitch-following-worrying-recent-security-issues","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/11\/for-many-such-issues-the-simplest-mitigation-is-to-stop-calling-the-buggyfunction-killswitch-provides-that-experts-propose-linux-kernel-killswitch-following-worrying-recent-security-issues\/","title":{"rendered":"&#8216;For many such issues the simplest mitigation is to stop calling the buggyfunction. Killswitch provides that&#8217;: Experts propose Linux kernel &#8220;killswitch&#8221; following worrying recent security issues"},"content":{"rendered":"<p><a href=\"https:\/\/www.techradar.com\/pro\/security\/for-many-such-issues-the-simplest-mitigation-is-to-stop-calling-the-buggy-function-killswitch-provides-that-experts-propose-linux-kernel-killswitch-following-worrying-recent-security-issues\">&#8216;For many such issues the simplest mitigation is to stop calling the buggyfunction. Killswitch provides that&#8217;: Experts propose Linux kernel &#8220;killswitch&#8221; following worrying recent security issues<\/a><\/p>\n<p><a href=\"https:\/\/www.techradar.com\/pro\/security\/for-many-such-issues-the-simplest-mitigation-is-to-stop-calling-the-buggy-function-killswitch-provides-that-experts-propose-linux-kernel-killswitch-following-worrying-recent-security-issues\">https:\/\/www.techradar.com\/pro\/security\/for-many-such-issues-the-simplest-mitigation-is-to-stop-calling-the-buggy-function-killswitch-provides-that-experts-propose-linux-kernel-killswitch-following-worrying-recent-security-issues<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-11 13:35:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.techradar.com\">www.techradar.com<\/a><\/p>\n<ul id=\"elk-37371436-2def-4ae7-9aa8-8a83bddecc16\">\n<li><strong>Maintainers proposed a killswitch mechanism to temporarily disable vulnerable kernel functions at runtime via securityfs<\/strong><\/li>\n<li><strong>The feature aims to mitigate high\u2011severity flaws like Copy Fail and Dirty Frag until patches arrive, though it risks system instability<\/strong><\/li>\n<li><strong>It\u2019s under community review, positioned as a stopgap measure\u2014not a replacement for proper patching<\/strong><\/li>\n<\/ul>\n<p id=\"elk-89c0b648-03f6-49c6-8191-1d03c5b8b6df\">The Linux kernel could soon get a new feature that serves as a temporary safeguard against high-severity vulnerabilities until patches are deployed.<\/p>\n<p>One of the Linux stable kernel co-maintainers, Sasha Levin, recently proposed a new patch that would allow system administrators to temporarily disable a vulnerable kernel function.<\/p>\n<p id=\"elk-89c0b648-03f6-49c6-8191-1d03c5b8b6df-2\">That way, if security researchers discover malicious code in the future, users would be able to quickly instruct the kernel not to use it. The feature would not address underlying issues, but since the function would return an error, it could prevent the vulnerability from causing any serious harm before a proper patch is deployed.<\/p>\n<p><span class=\"inline-flex items-center gap-1.5 text-sm font-article-heading capitalize leading-5 text-white whitespace-nowrap\"><span class=\"jwp-carousel-title-mobile\"\/><span class=\"jwp-carousel-title-desktop\">Latest Videos From<\/span><span class=\"jwp-carousel-brand inline-flex items-center\" aria-hidden=\"true\"><\/span><\/span><img decoding=\"async\" src=\"https:\/\/www.techradar.com\/media\/img\/techradar_logo_v2.svg\" alt=\"\" class=\"max-h-12 w-auto\" aria-hidden=\"true\"\/><br \/>\n        <span class=\"\n            flex\n            after:content-[''] after:flex-1 after:ml-4 after:my-[0.7rem] after:border-t after:border-solid after:border-t-[#ccc]\n            before:content-[''] before:flex-1 before:mr-4 before:my-[0.7rem] before:border-t before:border-solid before:border-t-[#ccc]\n            font-article-heading pb-0 text-[length:var(--article-river-title--font-size,1em)] uppercase sm:text-[length:var(--article-river-title--font-size,0.875em)] font-bold\n        \"><br \/>\n            You may like<br \/>\n        <\/span><\/p>\n<h2 id=\"good-idea-does-not-work-3\">Good idea, does (not) work?<\/h2>\n<p id=\"elk-5c28a411-fdb4-4a55-ac70-48e3056654bf\">If adopted, the feature would be available through the kernel\u2019s securityfs interface, allowing admins to enable killswitches for specific functions which would render them unusable immediately. The change would take effect at runtime, and would remain active until disabled, or until the system is restarted.<\/p>\n<p>On paper, the idea sounds good. In practice, there are many challenges and moving parts to address. When a function is disabled, it could disrupt the entire system or crash other parts. It could also introduce additional vulnerabilities.<\/p>\n<p>Therefore, it is important to note that the feature is not imagined for general purpose use. It is also worth mentioning that this feature cannot serve as a replacement for patching.<\/p>\n<p>Still, it could be a solid first-aid kit to prevent further escalation with high-severity vulnerabilities.<\/p>\n<p class=\"newsletter-form__strapline\">Sign up to the TechRadar Pro&#8230;<\/p>\n<p><a href=\"https:\/\/www.techradar.com\/pro\/security\/for-many-such-issues-the-simplest-mitigation-is-to-stop-calling-the-buggy-function-killswitch-provides-that-experts-propose-linux-kernel-killswitch-following-worrying-recent-security-issues\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8216;For many such issues the simplest mitigation is to stop calling the buggyfunction. Killswitch provides&#8230;<\/p>\n","protected":false},"author":1,"featured_media":243843,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cdn.mos.cms.futurecdn.net\/kCbP2VkzMgQpYqJDgMQ8UZ-2560-80.jpg","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[71,57,27],"class_list":["post-243842","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-linux","tag-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/243842"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=243842"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/243842\/revisions"}],"predecessor-version":[{"id":243844,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/243842\/revisions\/243844"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/243843"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=243842"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=243842"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=243842"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}