LLM-Assisted Fuzzing Exposes Critical Remote Linux Kernel Out-of-Bounds Write Vulnerabilities
Security researchers have demonstrated a novel technique that uses large language models (LLMs) to identify critical remote Linux kernel out-of-bounds (OOB) write vulnerabilities, uncovering multiple high-severity flaws including CVE-2026-31432 and CVE-2026-31433. The approach strategically perturbs LLM outputs to generate unexpected code patterns that bypass conventional sanitizer checks, effectively using the model's behavior as a fuzzing mechanism to probe kernel attack surfaces that traditional methods miss.
The technique, colloquially described as "getting LLMs drunk" by practitioners, exploits the tendency of language models to produce non-deterministic outputs when subjected to specific input manipulations. By introducing controlled chaos into LLM-generated code samples, researchers were able to trigger edge-case memory access patterns in the Linux kernel that result in out-of-bounds writes. These vulnerabilities enable an attacker with network access to corrupt kernel memory remotely, potentially achieving privilege escalation or executing arbitrary code at the kernel level. The discovery adds to a growing body of research demonstrating that LLM non-determinism, typically viewed as a limitation, can serve as a systematic vulnerability discovery tool.
The implications extend beyond individual vulnerability patches. This methodology signals a shift in offensive security research, where AI behavioral quirks become assets rather than obstacles. Kernel maintainers face pressure to integrate LLM-assisted auditing into development pipelines, while organizations running Linux infrastructure must reassess remote attack surface exposure. The technique's effectiveness at bypassing sanitizers suggests that existing kernel security mitigations may require re-evaluation against AI-generated fuzzing vectors. As LLM capabilities advance, the speed and coverage of such automated vulnerability discovery will likely increase, compressing the window between research publication and active exploitation.