OpenAI’s o3 Model Aids Discovery of Critical Zero-Day Flaw in Linux Kernel SMB Stack

A cybersecurity researcher recently leveraged OpenAI’s o3 artificial intelligence (AI) model to uncover a critical zero-day vulnerability in the Linux kernel’s Server Message Block (SMB) implementation, known as ksmbd. This previously unknown security flaw, now tracked as CVE-2025-37899, involved complex interactions between multiple users or connections, making it particularly difficult to detect through traditional methods. Fortunately, a patch addressing the vulnerability has already been released to protect affected systems.

The discovery marks a significant milestone in the use of AI for cybersecurity, as such models are seldom used to find zero-day bugs—security flaws that are unknown and potentially unexploited before detection. While manual code audits remain the predominant approach for finding vulnerabilities, they can be painstaking and time-consuming when dealing with massive codebases. Researcher Sean Heelan explained in a detailed blog post how the o3 model accelerated the identification process, demonstrating AI’s emerging role as a powerful aid in vulnerability research.

Interestingly, Heelan initially employed the AI to examine a different security issue, CVE-2025-37778, a Kerberos authentication vulnerability categorized as a “use-after-free” bug. This type of flaw occurs when code frees a block of memory but later continues to reference it, potentially causing crashes or exploitable conditions. While testing the AI on this bug, the model unexpectedly flagged the SMB flaw in about eight out of 100 runs, underscoring the AI’s potential to uncover hidden vulnerabilities beyond its primary task.

This breakthrough with OpenAI’s o3 model highlights the growing synergy between artificial intelligence and cybersecurity research. As AI tools become more sophisticated, they offer promising avenues for automating complex code analysis and enhancing the detection of elusive security threats. The Linux SMB vulnerability case exemplifies how AI can augment human expertise, making systems safer in an era of increasingly sophisticated cyberattacks.

Nvidia CEO Teases Future Plans for Desktop Chip Developed with MediaTek

At CES 2025, Nvidia CEO Jensen Huang revealed that the company has plans for a new desktop central processor (CPU) co-designed with MediaTek. The CPU was unveiled as part of Nvidia’s “Project DIGITS” desktop, which features Nvidia’s latest “Blackwell” AI chip and is priced at $3,000. While the desktop is currently targeting AI developers and is not yet a mass-market product, the collaboration with MediaTek aims to bring an energy-efficient CPU to a broader market.

Huang emphasized that MediaTek would be able to sell the CPU to other markets, and Nvidia’s collaboration is mutually beneficial. “They could provide that to us, and they could keep that for themselves and serve the market. It was a great win-win,” Huang explained. The CPU is designed to challenge the dominance of Intel, Advanced Micro Devices (AMD), and Qualcomm in the consumer and business computer markets.

Nvidia is currently targeting AI developers with Project DIGITS, which runs a Linux-based operating system designed for AI workloads. Huang also hinted at future plans for the desktop CPU but did not disclose specifics. However, he mentioned Nvidia’s strategy to bridge the gap between the Linux OS commonly used by AI developers and Windows, the widely used consumer OS, through the Windows Subsystem for Linux.

“We’re going to make that a mainstream product,” Huang said, noting that Nvidia would support it with professional-grade software, and PC manufacturers would bring the product to end users.