Linux Kernel Removes Code After AI Tools Find Real Security Bugs
Linux kernel maintainers are now removing code based on security reports generated by artificial intelligence tools. A new AI system called DUALLM found 111 potential security flaws in recent Linux kernel updates, with 90 of them confirmed as real problems.
Linux kernel maintainers are now removing vulnerable code after AI tools successfully identified real security flaws, marking a major shift from earlier unreliable AI-generated bug reports.
A new AI system called DUALLM achieved 87.4% accuracy in finding security problems, successfully identifying 111 potential vulnerabilities in 5,140 recent Linux kernel patches. Of those findings, 90 turned out to be genuine security flaws that needed fixing.
Linux kernel maintainer Greg Kroah-Hartman said AI bug reports have improved dramatically. He noted that while these are often small issues rather than major vulnerabilities, the help is valuable for open source projects that lack resources to manually review all code.
The AI tools focus on finding two specific types of security problems: out-of-bounds memory access and use-after-free vulnerabilities. These flaws can allow hackers to crash systems or potentially gain unauthorized access to devices.
Smaller open source projects may struggle more with AI-generated reports since they have fewer people to verify whether the findings are real problems or false alarms.
The Linux kernel runs on billions of devices including smartphones, servers, and smart TVs. Better AI tools for finding security bugs could make all these devices safer from hackers and cyber attacks.
More open source projects will likely adopt AI tools for security reviews as the technology becomes more reliable.