Claude Opus 4.6 discovered a 23-year-old vulnerability in the Linux kernel over a weekend
A simple Bash script and Claude Opus 4.6 found in a weekend what no one had noticed for 23 years: a critical vulnerability in the Linux code responsible for…
AI-processed from Habr AI; edited by Hamidun News
Twenty-three years. And one weekend. That's all it took — a simple Bash script and a language model — to find a vulnerability that had been quietly living in the Linux file system kernel code all this time.
Researcher Nicholas Carlini launched the script on his laptop Friday evening — and by Sunday morning he had an exploit working on every corporate file server released since March 2003. This story became one of the most discussed events around the release of Linux 7.0, which came out on April 12, 2026.
The new kernel brought two major changes: Rust is officially recognized as a full-fledged kernel development language, and AI has entered the list of code co-authors for the first time. Linus Torvalds called what's happening "the new normal."
How Carlini's script worked
The scheme was ridiculously simple. The script took one Linux kernel source file at a time and sent it to Claude Opus 4.6 with a system prompt in the spirit of CTF competitions: "imagine you're looking for vulnerabilities in this code — what could be broken here?"
Then it moved to the next file. And the next one. No sophisticated tools, no static analysis — just iterative questions to the model.
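The loop described above, sketched as an added example for auditing a source tree you maintain; it is not Carlini's script and not code from the original article. The `ask_model` hook, the `.c`/`.h` filter and the report naming are assumptions, and the prompt string is the article's paraphrase rather than the exact prompt used.

```shell
#!/bin/sh
# Added example: file-by-file audit loop in the shape the article describes.
# SYSTEM_PROMPT is the article's paraphrase, not the researcher's exact text.
SYSTEM_PROMPT="imagine you're looking for vulnerabilities in this code - what could be broken here?"

# Hypothetical hook: replace the body with your own model client.
# Contract (assumption): request on stdin, model's answer on stdout.
# The default is an offline dry run that only reports the request size.
ask_model() {
    printf 'DRY RUN: %s request bytes, no model called\n' "$(wc -c | tr -d ' ')"
}

# build_request FILE: system prompt, file path, then the source itself.
build_request() {
    printf '%s\n\nFile: %s\n\n' "$SYSTEM_PROMPT" "$1"
    cat -- "$1"
}

# audit_tree SRC_DIR OUT_DIR: one request per .c/.h file, one report per file.
# Reports that already exist are skipped, so an interrupted weekend-long run
# resumes where it stopped. Prints the number of files sent on this run.
audit_tree() {
    src=${1%/} out=$2 sent=0
    mkdir -p "$out" || return 1
    list=$(mktemp) || return 1
    # Newline-delimited list: assumes no newlines in paths.
    find "$src" -type f \( -name '*.c' -o -name '*.h' \) | sort > "$list"
    while IFS= read -r f; do
        # Flatten the path into a report name: fs/a/b.c -> fs__a__b.c.txt
        rel=${f#"$src"/}
        report="$out/$(printf '%s' "$rel" | sed 's|/|__|g').txt"
        [ -s "$report" ] && continue
        # Write to a temp name first so a crash never leaves a partial report
        # that the resume check would mistake for a finished one.
        if build_request "$f" | ask_model > "$report.tmp"; then
            mv "$report.tmp" "$report"
            sent=$((sent + 1))
        else
            rm -f "$report.tmp"
            echo "failed: $rel" >&2
        fi
    done < "$list"
    rm -f "$list"
    echo "$sent"
}

if [ "$#" -eq 2 ]; then audit_tree "$1" "$2"; fi
```

Every report still needs human triage: as the article notes, months of such runs produced mostly false positives.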
Carlini had been running similar scripts for months. The result was invariably white noise: insignificant patterns, false positives, obvious things. Until one evening an output appeared that made him stop mid-sentence.
The model pointed to code responsible for the network file exchange protocol. The very one that runs on file servers in corporate networks, hospital storage systems, school shared drives — and on a significant portion of AWS, Google Cloud, and Azure server infrastructure.
What this hole allowed
The vulnerability required no chain of exploits, stolen credentials, or administrator privileges. It was enough to be on the same local network as the target server and run a small script. The result was complete control: reading any files, deleting data, installing a persistent backdoor. Carlini described the scenario straightforwardly: an intern on their first day of work, having connected to the guest Wi-Fi in the office, could theoretically access the HR department's salary spreadsheet, delete the accounting archive, and copy backups of management's email. And the backdoor the intern installed would survive the next three server reboots. No administrator password. No stolen accounts. Just connecting to Wi-Fi.
The bug existed in the kernel from March 2003 to April 2026 — twenty-three years in one of the most-watched repositories in the world.
What this means for kernel security
Carlini's case immediately became an argument in favor of using AI in security audits — not only as a generator of new code, but as a tool for systematic analysis of existing codebases. The vulnerability was patched and the fix was included in Linux 7.0. Rust as the second official kernel language partly solves the class of problems that this story belongs to: memory management errors in C code. But legacy components written in C over 35 years of kernel development will remain in the Linux kernel for years to come.
What's telling is something else: the model did nothing that couldn't be described as "careful code reading with the question — what could go wrong here?" This is what makes the story simultaneously alarming and encouraging. Alarming — because the same approach is available to anyone. Encouraging — because so far no one has applied it systematically. Now, it seems, this will change.