Claude wrote a full FreeBSD remote kernel RCE with root shell
ishqdehlvi
258 points
101 comments
April 01, 2026
Related Discussions
Found 5 related stories in 38.1ms across 3,471 title embeddings via pgvector HNSW
- Claude Code Found a Linux Vulnerability Hidden for 23 Years eichin · 25 pts · April 03, 2026 · 63% similar
- Claude 4.6 Jailbroken NuClide · 22 pts · April 03, 2026 · 61% similar
- Claude AI finds Vim, Emacs RCE bugs that trigger on file open akyuu · 11 pts · April 03, 2026 · 58% similar
- The Claude Code Leak mergesort · 79 pts · April 02, 2026 · 56% similar
- The Claude Code Source Leak: fake tools, frustration regexes, undercover mode alex000kim · 1057 pts · March 31, 2026 · 52% similar
Discussion Highlights (18 comments)
PunchyHamster
I'm just gonna assume it was asked to fix some bug and it wrote exploit instead
magicalhippo
Key point is that Claude did not find the bug it exploits. It was given the CVE writeup[1] and was asked to write a program that could exploit the bug. That said, given how things are I wouldn't be surprised if you could let Claude or similar have a go at the source code of the kernel or core services, armed with some VMs for the try-fail iteration, and get it pumping out CVEs. If not now, then surely not in a too distant future. [1]: https://www.freebsd.org/security/advisories/FreeBSD-SA-26:08...
rithdmc
Running into a meeting, so won't be able to review this for a while, but exciting. I wonder how much it cost in tokens, and what the prompt/validator/iteration loop looked like.
fragmede
https://github.com/califio/publications/tree/main/MADBugs/CV... would have been a better link
m132
Appreciate the full prompt history
panstromek
The talk "Black-Hat LLMs" just came out a few days ago: https://www.youtube.com/watch?v=1sd26pWhfmg Looks like LLMs are getting good at finding and exploiting these.
ptx
> It's worth noting that FreeBSD made this easier than it would be on a modern Linux kernel: FreeBSD 14.x has no KASLR (kernel addresses are fixed and predictable) and no stack canaries for integer arrays (the overflowed buffer is int32_t[]). What about FreeBSD 15.x then? I didn't see anything in the release notes or the mitigations(7) man page about KASLR. Is it being worked on? NetBSD apparently has it: https://wiki.netbsd.org/security/kaslr/
sheepscreek
I find it more concerning that this is still considered newsworthy. Frontier LLMs in the hands of anyone willing to learn and determined can be a blessing or curse.
dheerajmp
You do not need Claude for finding FreeBSD vulns. Just plain eyes. Pick a file you can find one.
dnw
Thanks for sharing the prompts: https://github.com/califio/publications/blob/main/MADBugs/CV...
alcor-z
The MADBugs work is solid, but what's sticking with me is the autonomy angle — not just finding a vuln but chaining multiple bugs into a working remote exploit without a human in the loop. FreeBSD kernel security research has always been thinner on the ground than Linux, which makes this feel both more impressive and harder to put in context. What's the actual blast radius here — is this realistically exploitable on anything with default configs, or does it need very specific conditions?
EGreg
This requires an SSH to be available? Is it possible to pwn without SSH listening?
stephc_int13
The most difficult part is always to find the vulnerability, not to fix it. And most people who are spending their days finding them are heavily incentivized to not disclose. Automatic discovery can be a huge benefit, even if the transition period is scary.
neonstatic
> "Claude wrote" I am hoping that quite soon we will have general acceptance of the fact that "Claude can write code" and we will switch focus to how good / not good that code is.
andrewstuart
Errrr the headline makes it sound like a bad thing. This is what Claude is meant to be able to do. Preventing it doing so is just security theater.
decidu0us9034
I could see that being an incremental time save (perhaps not worth the token spend except for the dev team, not a high-value bug). But nbody finds this kind of bug "by hand" and hasn't for a long time now. Do people here really care about kernel security or testing automation? They're just talking about it because Claude? Everything on HN is people doing unpaid promotional work for Anthropic, just talking about all the promise Claude holds and all the various ways you could be spending more money on Claude. bored aimless vibes.
tptacek
Calif (Thai Duong's firm) did a writeup on this, which should probably be the link here; it includes the prompts they used: https://blog.calif.io/p/mad-bugs-claude-wrote-a-full-freebsd A reminder: this bug was also found by Claude (specifically, by Nicholas Carlini at Anthropic).
yumiatlead
This showcases the immense power and autonomy of agents, which is the root of enterprise fear. It highlights the urgent need for governance and safety.