Anthropic research scientist Nicholas Carlini used the Claude Code AI tool to identify multiple remotely exploitable security vulnerabilities in the Linux kernel, including one dating back to 2003.

Key Points

• Nicholas Carlini utilized Claude Code to scan the Linux kernel source code, successfully identifying a heap buffer overflow in the NFS driver.
• The discovered NFS vulnerability had remained hidden in the Linux kernel for 23 years, originating in a 2003 code update.
• Carlini reported that Claude Code identified hundreds of potential security flaws, creating a backlog that requires manual validation before submission to maintainers.
• The research demonstrated that newer models, specifically Claude Opus 4.6, significantly outperform older AI versions in complex vulnerability detection.
• Carlini has already confirmed or reported five specific Linux kernel vulnerabilities, including issues in io_uring, futex, and ksmbd.

Why it Matters

The ability of AI models to autonomously identify deep-seated security flaws in critical infrastructure like the Linux kernel marks a significant shift in cybersecurity research. This development suggests that both security professionals and malicious actors will soon have access to powerful tools capable of uncovering long-standing vulnerabilities at an unprecedented scale.