Claude Code Used to Find Remotely Exploitable Linux Kernel Vulnerability Hidden for 23 Years
Briefly

"Carlini's approach to vulnerability discovery was notably efficient, utilizing a straightforward bash script that instructed Claude Code to search for vulnerabilities in each file of the Linux kernel without the need for specialized prompts or tools."
"The NFS vulnerability exemplifies a critical security flaw, where the server's response buffer is insufficient to handle the denial message, leading to a potential exploit that has existed for nearly two decades."
Nicholas Carlini reported at the [un]prompted AI security conference that he discovered several security vulnerabilities in the Linux kernel using Claude Code. One significant vulnerability was a heap buffer overflow in the NFS driver, present since 2003, which has now been patched. Carlini's method involved a simple bash script that directed Claude Code to search for vulnerabilities across all source files. The NFS vulnerability required understanding complex protocol details, highlighting the potential for many more undiscovered vulnerabilities in the kernel.
Read at InfoQ