Given Nicholas Carlini work at anthropic I would wait for another person to confirm this.
The research method is just pointing file by file and asking an LLM if any vulnerability exist and reminds me of the person who bugged ffmpeg devs with vulnerabilities on niche non enabled codec decryption.
Real vulnerability or hallucinated?
Confirmed bugs. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit?id=5133b61aaf437e5f25b1b396b14242a6bb0508e2
Given Nicholas Carlini work at anthropic I would wait for another person to confirm this.
The research method is just pointing file by file and asking an LLM if any vulnerability exist and reminds me of the person who bugged ffmpeg devs with vulnerabilities on niche non enabled codec decryption.
That was google.
https://itsfoss.com/news/ffmpeg-google-fiasco/