I came across a news article that Anthropic found security vulnerabilities in many widespread software, including the Linux kernel:
The model autonomously found and chained together several vulnerabilities in the Linux kernel—the software that runs most of the world’s servers—to allow an attacker to escalate from ordinary user access to complete control of the machine.
My fast search did not find any links to actual results, simply Anthropics claims that they found these vulnerabilities and articles repeating this claim.
I don’t say that this is not true, but I would like to see someone from those projects mentioned commenting this issue.
It might very well be true, but less impressive than they make it sound. Below is a (probably non-exhaustive) list of past privilege escalation vulnerabilities in the Linux kernel:
Good for Anthropic their AI can do that, but not really all that scarily impressive.
Edit: Also, I just had a look at their website and now I’m very amused that they might have the best and greatest coding AI but can’t manage to round the corners of a Div properly (see the chat window in the middle on the bottom):
Might want to add that the linux foundation is partnering with Anthropic (and many others) to detect and patch kernel vulnerabilities
Tbh i find it interesting that Anthropic deems this AI model to dangerous for the public for various reasons, yet it gets used for things like this. I really dont know what to think of this.
WELL they can take a flying fLOck out the back of a plane at 50,000 feet without a parachute.
“it’s too dangerous for the public” = “it’s super effective” = “btw we are a company you should invest all your money in right now; in fact you’re an idiot if you don’t.”
is my suspicion, anyway. Anthropic is good at PR.
I’ve seen more than one article about an LLM “discovering” some new thing in science, only for it to turn out that it just plagiarized some obscure research papers by the humans who actually made the discovery (using non-LLM tools). A lot of research and data exists in the world that just hasn’t been brought to wider attention. Especially if you consider the language disconnect: the vast majority of anglophone, monoglot scientists (or [insert profession here]) don’t read papers that aren’t in English. If Anthropic used an LLM to translate (even if imperfectly) a lot of that otherwise inaccessible work, then fed it into Claude, I could imagine that turning up some interesting stuff.
Personally, I can believe Anthropic may have found vulnerabilities, but I don’t believe that it could find a new type of vulnerabilities, or that it “understands” anything. But just being able to quickly look for known patterns (vulnerabilities) - when that includes any vulnerabilities described on any obscure forum that went into the training data, and not just any that are well known - in a massive codebase isn’t nothing, either.
Or it’s also possible it’s a bunch of hallucinations that haven’t been fact checked enough yet. We’ll see, I guess.
As a practicing researcher, I completely agree. I always get amused by how many times we rediscover something (without AI), feel happy to have discovered something new, only to find out that someone already found it in and wrote an old paper everyone forgot.
Yeah I agree.
Developers miss things. Human error is real.
Having another set of “eyes” looking over code and going “hey, uhh… you might want to check what you did here, that looks like it could cause a problem”, is useful.
HUMAN EYES
Computer eyes are completely fine if they are good. There are multiple effective tools available to check a codebase for vulnerabilities with varying degrees of some sort of AI / ML built in. LLMs could be the next step in static and dynamic analysis if they are economically viable and reliable enough to not overburden the developers.
But yeah, my take on this is definitely that this is clever marketing… “Look at us, our AI is so great we can’t let you use it, else the world falls apart”.
Well, they better be safe than sorry so let them do their thing I guess 
Do you use spellcheck?
Non-AI so you point is moot.
Link?
We have a hungarian saying: Even a blind hen finds seeds.
Somehow they failed to prevent the claude code source code leak https://www.theregister.com/2026/03/31/anthropic_claude_code_source_code/
These people want to make more and more people destitute, while selling tools that can’t even prevent simple “human errors” in their own infrastructure.
The NY Times link I posted at the bottom of my original post
Apparently it is not only Linux Kernel, rather FreeBSD also had bugs identified. This was at [un]Prompted security conference. The video of this talk can be found over here.
Claude Code Found a Linux Vulnerability Hidden for 23 Years - Michael Lynch
This describes one of the 5 exploits that have been identified. The issue this can be easily prevented. If the Linux system does not serve as a NFS file server, then disable NFS service or uninstall it. Also most of the servers do not need NFS.
Claude Just Autonomously Wrote a Full Kernel Exploit for FreeBSD In Four Hours - OpenClaw IT Team
Again the same issue, i.e. NFS. The same solution. If your BSD system does not act as a file server, disable it or better still uninstall it. Again not all BSD systems need to act as a File Server.
Anthropic’s Claude locating such bugs seems to be a rehash of Google Project Zero but using different set of tools. It is good, will make software more resilient and secure. But these tools do not solve the basic problem that C/C++ are inherently unsafe programming languages. And there are better system level programming languages that are available that do away with the whole class of buffer overruns, memory vulnerabilities, reuse-after-discard, etc.
Time for Linux and BSD to move on to more secure programming languages.
Topic cleaned up.
Let’s carry on now, without the personal prods.
According to Linus Torvalds himself, he isn’t an opponent in terms of AI based automation tasks, automation isn’t suddenly a new invention. In terms of unit testing, best practices and the whole process of the kernel release management is highly developed and has been improved a lot over time, including automation tasks, such as build management, unit tests, just to name a few. It’s a well oiled machine and it’s essentially a construct in which Linus himself isn’t actively coding anymore. He is maintaining, supervising the other maintainers and managing the contribution of the whole crowd of developers who are actively contributing code. As “the” kernel maintainer, he essentially acts as an product owner.
Someone said this is effectively comparable to what the call vibe coding in terms of AI usage, essentially specifying goals, steering the crowd of contributors, but in this case, the conversation on the kernel mailing list takes place in between human contributors and their work. Not in between a single human and an AI instance. In short, crowd sourced intelligence.
And I don’t see any reason why some pretty tedious and time consuming tasks shouldn’t be automated.
No mathematician nowadays will calculate the thousandths decimal place of pi by bisecting polygons anymore. The did so for centuries until Gauss came along and he introduced the Gauss–Legendre algorithm which reduced the effort of the calculation of the decimal places of pi immensely, from years of manual calculations efforts, to much more time efficient calculations.
In short, the question at hand is essentially how your interpret Anthropics press release. Project Glasswing as an initiative to refine cyber security auditing, and among the contributors the Linux foundation is also involved. I don’t read this as “our autonomously found”, it interpret this as still and model which is been worked on by humans, in this case, their Frontier Red Team. In their model developing effort, they most likely trained the model on CVE’s without access to the very latest known CVE’s, generated automated analytics to check if it will find those CVE’s they purposely hid within the available dataset. And in this process, the model has made some hits. But in the end, their model developers are actually steering this model towards an useful security audit automation tool.
In the end, I wouldn’t really care who discovered an CVE. If the audit was performed by means of automation, manually… or the use of an A.I. model, as long as it directly reports the CVE through the official channels.
My concern is more the fact that there are most certainly some entities who are actively searching for zero day exploits - for less a less noble cause. And which are holding back their findings for the own benefits.
As the linux foundation is actively involved in that project, and if the linux security experts gain access to that model and it’s findings, which is steered in collaboration with Anthropics Frontier Red team, it is a good thing. As it’s the goal to hopefully stay ahead of those with malicious motivations.
According to the OpenClaw IT Team, Claude be used to identify and then convert the vulnerability into an exploit in a few hours. Can this be used to identify and then verify whether the vulnerability is real or just a hallucination?
