Published 2 days ago • loading... • Updated 24 hours ago

How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation

Summary by unsafe.sh

文章描述了作者利用OpenAI的o3模型发现Linux内核中的零日漏洞（CVE-2025-37899），该漏洞涉及SMB协议的“logoff”命令处理中的use-after-free问题。通过分析代码和上下文，o3成功识别出并发连接导致的内存安全问题，并展示了其在漏洞检测中的潜力。

This story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.

4 Articles

All

Left

Center

Right

Tech Monitor

OpenAI's o3 model helps identify significant Linux security threat

A critical zero-day vulnerability, CVE-2025-37899, has been identified within the Linux kernel, affecting its ksmbd component.

24 hours ago

Read Full Article

Korben

O3 OpenAI Discovers Zero-Day Vulnerability in Linux (and It's a World Premiere)

Aaaah if only we had cybersecurity trainees able to read 100,000 lines of code in a few seconds and spot clues that even the experts miss. Well, that's exactly what O3 of OpenAI has just done by discovering the CVE-2025-37899, a critical vulnerability in the Linux kernel that no one had yet seen. And according to its author, this discovery is a world first because never before had an IA-n- found a zero-day vulnerability of this complexity in suc…

1 day ago

Read Full Article