tptacek 2 hours ago
I don't follow. LLMs spotted these bugs in the first place. You seem to be saying that these discoveries are indications that they're bad for vulnerability discovery.
firer 2 hours ago
From what I understand, the copy.fail bug was found by a researcher who noticed something weird and then used AI to scan the codebase for instances where that becomes a problem. I bet that with a slightly looser prompt/harness, the LLM could have found these twin bugs too. Yet at the same time, I also think that if the human researcher had manually scanned the code, he'd have noticed these bugs too. FWIW I do think LLMs are great tools for finding vulnerabilities in general. Just that they were visibly not optimally applied in this case.
eqvinox 2 hours ago
I don't think the copy.fail people understood the issue they found, as is evident from the heavy focus on AF_ALG/aead_algif, which is essentially "innocent" as we're seeing here. I think LLMs are great for vulnerability discovery, but you need to not skimp on the legwork and on understanding what you even just found there.
parliament32 2 hours ago
No, they did not. Careful of falling for the psychosis.

> This finding was AI-assisted, but began with an insight from Theori researcher Taeyang Lee, who was studying how the Linux crypto subsystem interacts with page-cache-backed data.