News Score: Score the News, Sort the News, Rewrite the Headlines

Kernel bugs hide for 2 years on average. Some hide for 20.

There are bugs in your kernel right now that won't be found for years. I know because I analyzed 125,183 of them, every bug with a traceable Fixes: tag in the Linux kernel's 20-year git history. The average kernel bug lives 2.1 years before discovery. But some subsystems are far worse: CAN bus drivers average 4.2 years, SCTP networking 4.0 years. The longest-lived bug in my dataset, a buffer overflow in ethtool, sat in the kernel for 20.7 years. The one which I'll dissect in detail is refcount l...

Read more at pebblebed.com
