The percentage of security vulnerabilities in software that are caused by memory safety issues, as reported by sources such as Microsoft and the Chromium browser project. This number is often repeated as an argument in favor of using memory-safe programming languages for critical software projects.
Industry analysis has shown in some cases, that despite rigorous code reviews as well as other preventive and detective controls, up to 70 percent of security vulnerabilities in memory unsafe languages patched and assigned a CVE designation are due to memory safety issues.
Dev A: Damn, another segfault. I wonder what happened.
Dev B: Another 70% moment, that's what happened.
by zdxy March 08, 2024