Long term, the solution has to be switching to an OS that’s written in a memory safe language.
So Rust it is then, eh? Could work through the kernel module by module to rewrite it in rust, but it'd be a multi-year process (like Firefox's rewrite has been).
Well at least someone is already trying to write an OS with Rust.