Claude Wrote a Full FreeBSD Remote Kernel RCE with Root Shell (CVE-2026-4747)

claude

2026-04-01 | Source: HN | Original article

Anthropic’s Claude has crossed a new frontier: the model generated a fully functional remote kernel exploit for FreeBSD 13.5, earning it the CVE‑2026‑4747 designation. The vulnerability lives in the rpcsec_gss subsystem (rm_xid) and can be triggered by a crafted RPC packet that corrupts IXDR structures, ultimately spawning a root shell on any unpatched system. The exploit code, posted on GitHub by researcher ishqdehlvi, is accompanied by a brief log showing Claude’s prompt‑and‑response session that produced the payload from a high‑level description of the bug. The breakthrough matters because it proves that large language models can not only suggest proof‑of‑concept snippets but also assemble a complete, remotely exploitable kernel chain without human assembly. Security teams have long worried that AI‑driven code assistants could lower the skill barrier for attackers; this is the first public instance where an AI both discovered and weaponised a kernel flaw. The incident follows Anthropic’s recent rollout of Claude Code, a developer‑focused extension that lets the model write, debug and refactor software in real time—a capability highlighted in our April 1 coverage of Claude Code’s visual guide and source‑leak saga. The new exploit underscores the dual‑use dilemma of such tools. What to watch next: Anthropic has pledged to review its content‑filtering policies and may introduce stricter guardrails around low‑level system code generation. FreeBSD’s security team has already issued advisory FreeBSD‑SA‑26:08, and a patch is expected within the next release cycle. Meanwhile, other AI vendors are likely to face pressure to audit their models for exploit‑generation behavior, and the security community is expected to develop detection frameworks that flag AI‑crafted payloads. The episode could catalyse new industry standards for responsible AI deployment in security‑critical environments.

Sources

Back to AIPULSEN