Getting LLMs Drunk to Find Remote Linux Kernel OOB Writes (and More)

wpnews.pro

cd /news/large-language-models/getting-llms-drunk-to-find-remote-li… · home › topics › large-language-models › article

[ARTICLE · art-16777] src=heyitsas.im pub=2026-04-29T00:00Z topic=large-language-models verified=true sentiment=↑ positive

Getting LLMs Drunk to Find Remote Linux Kernel OOB Writes (and More)

A self-orchestrating team of LLM-driven vulnerability-hunting agents has discovered over 20 CVEs in recent months, including CVE-2026-31432 and CVE-2026-31433, two remote, unauthenticated out-of-bounds write flaws in the Linux kernel. The findings demonstrate that large language models, when properly harnessed, can now autonomously identify critical kernel vulnerabilities that were previously difficult to detect.

read1 min publishedApr 29, 2026

*TLDR: the grossly overengineered, self-orchestrating team of vulnerability-hunting agents detailed below has discovered 20+ CVEs over the past few months, including CVE-2026-31432 and CVE-2026-31433: two remote, unauthenticated OOB writes in the Linux kernel’s *

“LLMing” vulnerability research has been on my “Do Something About This” list since DARPA’s AIxCC and XBOW’s initial results. But back in 2023-24, models required a lot of harnessing to get anything useful, tool use was rudimentary, and the idea of squeezing as much code as I could into a model’s context – then triaging away the false positives – filled me with dread.

source & further reading

heyitsas.im — original article CIFSwitch: A non-universal Linux local root vulnerability

~/api · this article 200

$curl api.wpnews.pro/v1/news/getting-llms-drunk-to-fi…

Read original on heyitsas.im → heyitsas.im/posts/drinking-llms/

mentioned entities

DARPA

AIxCC

XBOW

Linux kernel

CVE-2026-31432

CVE-2026-31433

metadata

sluggetting-llms-drunk-to-find-remote-linux-kernel-oob-writes-and-more

topic#large-language-models

secondary4 topics

sentimentpositive

langen

canonicalheyitsas.im

navigation

← prevTop announcements of the What’s …

next →Wisdom is not stored as document…

── more in #large-language-models 4 stories · sorted by recency

dev.to · 28 May · #large-language-models

Feedback Latency Is the Agent's IQ

gadgetreview.com · 28 May · #large-language-models

Anthropic Races to Fix Opus 4.7 With Lightning-Fast 4.8 Update

robertkarl.net · 28 May · #large-language-models

Qwen vs. Proust: Injecting novels into a local model's prompt

dev.to · 28 May · #large-language-models

I made my Markdown Editor "AI-Ready": MarkSmith v0.3.0

sponsored brought to you by zahid.host 4,200+ EU-deployed projects

reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main

→ Live at https://your-agent.zahid.host ✓

Get free account → Pricing

from €0/mo · no card required