Rust Will Protect Linux from AI-Generated Code Vulnerabilities, Says Greg Kroah-Hartman

Greg Kroah-Hartman, the stable maintainer of the Linux kernel, believes Rust is critical to the future security of the operating system. At the same time, he emphasizes: Rust is not magic, but a pragmatic solution for eliminating an entire class of vulnerabilities.

Rust in the Linux Kernel

Rust has been seeping into the Linux kernel source code for several years, and integration is accelerating. Kroah-Hartman sees this as a strategic necessity, not a trend. Rust allows developers to write system code with far stronger safety guarantees than C — the language in which most of the kernel is written.

Protection from AI Vulnerabilities

The new threat is code generated by neural networks. When ChatGPT or other LLMs create functions for Linux, they often contain classic errors: buffer overflows, use-after-free, race conditions. Human review doesn't always catch them. Rust, however, simply won't allow such code to compile — the language will force the developer to rewrite dangerous constructs. This doesn't mean AI-generated code will be perfect. But an entire class of the most serious vulnerabilities, which in C code requires painstaking code review, simply won't compile on Rust.

How It Works

Rust achieves safety through several mechanisms:

• Ownership and borrowing — a system that guarantees memory is always safely managed
• No null pointers — Rust has no null pointers; instead, the Option type is used
• Type system — strict typing catches logical errors at compile time
• Panic instead of undefined behavior — instead of silently corrupting memory, Rust panics and logs an error

All of this means that an entire class of vulnerabilities is simply impossible in Rust. Not because the language is magical, but because its design forces developers to think about safety from the start.

"Rust forces you to write correct code on the first try," — such is the principle in the community, and that's exactly what

Linux needs.

Scale of Integration

Kroah-Hartman doesn't talk about rewriting the entire kernel in Rust. That's unrealistic and unnecessary. Instead, the strategy is gradual addition of new subsystems in Rust where it's critical: drivers, file systems, network stacks. Old C code will live alongside it, but new components will gain the advantages of the language.

What This Means

Integration of Rust into Linux is not a philosophical choice, but a practical response to new threats. AI-generated code won't disappear; it will increasingly be embedded in development. Linux, as the foundation of the internet and critical systems, must protect itself — not from all errors (impossible), but from the most dangerous ones. Rust, while not perfect, gives Linux a powerful tool for this protection.