A Filtering engine and DB for unpropagated kernel security patches
Summary
A filtering engine and database that scans public kernel commits to identify security patches that have not yet been propagated to stable branches, helping developers track potential vulnerabilities.
View Cached Full Text
Cached at: 07/16/26, 05:53 AM
Similar Articles
An AI audit of FreeBSD
An AI-assisted security audit of FreeBSD uncovered 15 kernel vulnerabilities, including privilege escalations and a VM escape, and details the collaborative process of reporting and patching bugs with the FreeBSD team.
Kernel code removals driven by LLM-created security reports
Linux kernel maintainers are removing unmaintained networking and amateur-radio subsystems to cope with the flood of AI-generated security reports overwhelming review bandwidth.
AI eyes scanning for bugs create a worrisome Linux security trend
AI tools are accelerating the discovery and public disclosure of Linux kernel bugs, creating a worrisome trend of frequent privilege-escalation vulnerabilities that may require weekly server reboots. Linus Torvalds has changed how the Linux security community handles AI-discovered bugs, treating them as public by default.
Patching and forking in package managers
This article explores strategies for patching and forking dependencies in language-specific package managers when upstream maintainers fail to address vulnerabilities. It contrasts the robust patching capabilities of system package managers with the limitations of language registries, detailing workarounds like git overrides and forks across various ecosystems.
FreeBSoD: Leveraging Language Models to Find and Exploit Kernel Bugs (Part 1 of 2)
This article describes how researchers at Praetorian used Claude Opus (via Claude Code) to discover and exploit vulnerabilities in the FreeBSD kernel, including a stack overflow (CVE-2026-3038) that allows escape from FreeBSD jails. Part one focuses on methodology for finding bugs.