Sasha Levin (GAFAM) Wants 'Killswitch' for Linux (the Kernel)
-
Help Net Security ☛ Linux developers weigh emergency “killswitch” for vulnerable kernel functions
Linux kernel developers are reviewing a proposal for an emergency risk mitigation mechanism (“Killswitch”) that would allow administrators to disable vulnerable kernel functions at runtime.
The proposal, submitted by Linux kernel developer/maintainer Sasha Levin, arrives in the wake of the public disclosure of two privilege escalation vulnerabilities affecting the Linux kernel.
-
It's FOSS ☛ Linux is Getting a Kill Switch!
This AI-assisted patch would let admins disable vulnerable kernel functions until a proper fix ships.
Sasha Levin, NVIDIA engineer and co-maintainer of the stable and long-term support kernel trees, has proposed a new patch that adds a mechanism called killswitch to the Linux kernel.
It's pitched as a way for system administrators to disable a vulnerable kernel function on a running system, and the timing of it isn't a coincidence either. The patch follows the rising risk of Linux Privilege Escalation (LPE) vulnerabilities like Copy Fail and Dirty Frag.
-
PC Gamer ☛ A killswitch has been pitched for the Linux kernel that could shut down vulnerable functions while users wait for patches
If you've ever felt anxious about the security of your machine while you wait for a solution to some vulnerability, a proposed change to the Linux kernel may interest you. Pitched by Nvidia staff Sasha Levin, it's effectively a killswitch that could shut down some functions while waiting for a more official solution.
As spotted by The Information, Levin writes, "Killswitch lets a privileged operator make a chosen kernel function return a fixed value without executing its body, as a temporary mitigation for a security bug while a real fix is being prepared."
Levin notes that when a security issue becomes public, many users of Linux are technically made more vulnerable until the patch is sent out into the world. You would naturally have to stay more vigilant and use the killswitch manually when issues are made known, but it gives some extra agency over your rig. Though the main focus is the commercial users that are most vulnerable, not your everyday Linux user.
NVIDIA, what did Torvalds say?
So this phony's employer wants to put a killswitch in Linux. So a killswitch is security? Not actual security?
More today:
-
Linux maintainer proposes runtime killswitch for vulnerabilities
Linux kernel co-maintainer Sasha Levin has proposed a runtime killswitch mechanism, accessible via securityfs, to temporarily disable vulnerable kernel functions. This feature aims to mitigate high-severity flaws like Copy Fail and Dirty Frag, which have recently impacted Linux distributions by allowing unauthorized root access. While the killswitch could prevent exploitation by returning errors for disabled functions, it carries a risk of system instability or introducing new vulnerabilities due to its runtime nature.
-
CSO ☛ Linux kernel maintainers suggest a ‘kill switch’ to protect systems until a zero-day vulnerability is patched
Linux server admins may get the ability to turn off a vulnerable function in the OS kernel until a patch for a zero-day vulnerability is ready, if a proposal from a kernel developer and maintainer is accepted by the open source community.
The idea of a kill switch for privileged operators has been suggested by Sasha Levin, a distinguished engineer at Nvidia and co-maintainer of the long-term support and stable Linux kernel trees, as a mitigation when a security hole is discovered.
-
Information Security Media Group, Corporation ☛ Linux Defenders Face Patch and Exploit Race [Ed: Quoting Microsoft like it owns Linux]
One Linux maintainer is floating the possibility of integrating a "kill switch" feature that would allow admins to temporarily shut down vulnerable kernel functions while patches are developed.
-
Ghacks ☛ Nvidia Engineer Proposes Linux Kernel Killswitch to Disable Vulnerable Functions Before Patches Land
Nvidia engineer Sasha Levin has introduced a new mechanism for the Linux kernel that allows privileged operators to temporarily disable specific kernel function
-
Dolphin Publications B V ☛ Linux kernel kill switch proposal sparks fierce debate
A Linux kernel maintainer has proposed a kill switch that would let administrators disable vulnerable kernel functions before patches arrive. The idea, backed by Red Hat, has divided the security community. Critics warn it may become a crutch that delays actual patching and creates new operational risks.
Still in the news:
-
Linux Magazine ☛ Linux kernel Developers Considering a Kill Switch
With the rise of GNU/Linux vulnerabilities, the kernel developers are now considering adding a component that could help temporarily mitigate against them… in the form of a kill switch.
-
Security Boulevard ☛ Why Root Access Isn’t Game Over: Five Lessons from the Linux CopyFail Attack
In traditional Linux security, we have long operated under a grim binary: you are either protected, or the attacker has root. We’ve been taught that once an adversary achieves that # prompt, the game is over. They own the memory, the binaries, and every byte of data on the disk.
-
The Register UK ☛ Linux kernel maintainers pitch emergency killswitch after CopyFail and Dirty Frag chaos
Linux kernel maintainers are considering giving admins a giant red emergency button to smash the next time another nasty vulnerability drops before patches are ready.
The proposed feature, named "Killswitch," would let admins temporarily disable specific vulnerable kernel functions at runtime instead of sitting around waiting for fixes. The so-called patch was submitted by Linux stable kernel co-maintainer and Nvidia engineer Sasha Levin after a bruising couple of weeks for Linux security.
The proposal basically gives admins a way to pull the plug on vulnerable kernel functionality. If exploit code starts spreading before patches arrive, the targeted function can be disabled so calls to it immediately fail instead of reaching the vulnerable code.
-
LinuxInsider ☛ Dirty Frag Linux Vulnerability Raises New Root Access Risks
For the second time in two weeks, a significant privilege escalation vulnerability has been discovered in Linux.
-
Unicorn Media ☛ Dirty Frag, Copy Fail, and How Tails Under Tor Delivers ‘Open Source Done Right’
Two kernel zero‑day fixes, two quick Tails releases, and one Tor‑backed project determined to keep its privacy‑minded users safe — this is open source security hygiene in action.
Late coverage:
-
After Stumbling From CVE To CVE Will Linux Get A Kill Switch? [Ed: NVIDIA conflating kill switches with security]
For the few people who have spent the past weeks living under a security rock, the Linux kernel has found itself the subject of multiple severe bugs in the form of Copy Fail and Dirty Frag, both of which allow for privilege escalation. They’ve made many people very upset, and also potentially put many thousands of systems at risk of exploitation. Worse is that system managers are generally left to twiddle their thumbs while waiting for patches to be rolled out. This is where NVIDIA engineer [Sasha Levin] has proposed a ‘kill switch’ for affected kernel functions.