OpenAI's o3 AI model has recently been able to help a cybersecurity researcher discover a new vulnerability in Linux. According to the researcher, the flaw was identified in the Server Message Block (SMB) component of the Linux kernel, known as ksmbd. This vulnerability, previously undetected, is difficult to identify due to its reliance on multiple and simultaneous interactions from multiple users with the system.
The Vulnerability Explained
It has now been authenticated under CVE-2025-37899, and a correction has already been issued. This incident demonstrates the ability of advanced AI to contribute to the discovery of so-called “zero-day” vulnerabilities — previously unknown and yet to be exploited — although this use is still rare. The majority of researchers rely on in-depth manual proofreading of code, a traditional but time- and effort-consuming approach..
Researcher Sean Helan explained in a detailed blog post how he was able to identify the gap with relative ease using the o3 model Interestingly, his primary goal was not to discover this particular vulnerability; rather, he was testing AI's capabilities in analyzing another bug, CVE-2025-37778, related to a Kerberos authentication issue under the “use after edit” vulnerabilities category — where data is deleted from memory while other parts of the system keep trying to use it, potentially leading to security crashes. In an initial test, the model successfully discovered this known vulnerability in 8 out of 100 trials After this relative success, Helan decided to scale up the experiment and provided the model with a complete file of session setup commands, containing about 12,000 lines of code, rather than just a specific part. This challenge is like asking AI to read a whole novel to find a single typo that could lead to a complete collapse of the system..
OpenAI's Response
When performing 100 simulations on this complete file, the model was able to identify the known vulnerability only once. Despite the low success rate, Helan considered this an important achievement The surprise was that the model discovered a completely different vulnerability, previously unknown. The new vulnerability identified by the model was similar in type but affected a different module, namely the SMB logout command handler..
The problem was that the system tried to access a previously deleted file, leading to crashes when the user exited or ended the session. o3 reports that this vulnerability may cause the system to crash or allow malicious code to be executed with high privileges, making it a major security concern. Helan stressed that the model did not only discover the vulnerability, but explained it accurately within a realistic scenario, which reflects the development of this technology in the field of cybersecurity...
Key Takeaways
- OpenAI's o3 AI model has recently been able to help a cybersecurity researcher discover a new vulnerability in Linux.
- According to the researcher, the flaw was identified in the Server Message Block (SMB) component of the Linux kernel, known as ksmbd.
- This vulnerability, previously undetected, is difficult to identify due to its reliance on multiple and simultaneous interactions from multiple users with the system..
- It has now been authenticated under CVE-2025-37899, and a correction has already been issued.
As security continues to evolve rapidly in 2026, all eyes remain on OpenAI to see what comes next. Stay tuned for further updates as this story develops.
"AI Unbound: Shaping the Future, One Algorithm at a Time".