OpenAI's o3 just uncovered a remote 0-day in the Linux kernel's SMB code—CVE-2025-37899. A patch has already been rolled out.
  • hendrik@palaver.p3x.deEnglish
    0·
    12 days ago

    Seems we’re now at an ungodly amount of fabricated bug reports and wasted developer time because they were made up. And one meaningful contribution to the kernel.

    • bitfucker@programming.dev
      1·
      12 days ago

      Yeah, the difference is that this time an expert uses the tools as it should be. Not regular Joe feeding all the code with a prompt to “find a vulnerability”. Even then, this is a coincidence. But this discovery means there exists (maybe) a strategy that can be tried to detect similar exploits.