Linux kernel maintainers are floating a proposal that would let admins disable vulnerable kernel functions at runtime. The feature is called Killswitch, and the patch was submitted in early May by Sasha Levin, a distinguished engineer at Nvidia and co-maintainer of the long-term support and stable Linux kernel trees. The Register covered it. The pitch is straightforward — when a serious vulnerability drops and patches aren't ready, instead of waiting for the build-distribute-reboot cycle, you flip a switch and the buggy function refuses to run.

The proposal arrived after a rough stretch for Linux. CopyFail (CVE-2026-31431) dropped, went from disclosure to active exploitation in days. Dirty Frag landed with public exploit code targeting the IPsec ESP and RxRPC subsystems and no official fix at the time of disclosure. The kernel community is  ...