BotBeat
RESEARCH | SVI (Security Value Initiative) | 2026-05-29

AI-Assisted Audit Uncovers 15 Kernel Bugs in FreeBSD, Including 3 RCEs

Key Takeaways

  • AI-assisted auditing can identify critical kernel-level vulnerabilities in widely-used open-source infrastructure projects at scale
  • Direct collaboration and responsible disclosure practices enable faster vulnerability remediation and stronger maintainer relationships
  • Sharing AI audit tools with project teams helps sustain vulnerability prevention efforts beyond a single audit cycle

Source: Hacker News, https://blog.calif.io/p/an-ai-audit-of-freebsd

Summary

SVI, working in partnership with the FreeBSD team, conducted an AI-assisted security audit of the FreeBSD kernel that uncovered 15 significant vulnerabilities, including 3 remote code execution (RCE) vulnerabilities, 5 local privilege escalations (LPEs), 1 bhyve guest-to-host escape, and several memory disclosure and denial-of-service issues.

The collaboration began with SVI's commitment to help critical open-source projects that maintain essential internet infrastructure. After discovering an initial remote kernel exploit, SVI expanded the audit scope in coordination with the FreeBSD team. The effort yielded not just vulnerability reports, but also custom AI audit skills that SVI shared with the FreeBSD maintainers to enable ongoing vulnerability detection and prevention.

SVI emphasizes responsible disclosure practices: reporting only high or critical vulnerabilities, providing concise reports with proof-of-concept code, suggesting rather than insisting on patches, and maintaining direct communication channels with maintainers. This approach led to rapid remediation, with several vulnerabilities moving from report to fix within days. The organization has also published detailed exploits and technical writeups for three of the discovered local privilege escalations.

Editorial Opinion

This audit exemplifies how AI can be responsibly deployed for security research—not merely to enumerate vulnerabilities, but to strengthen the open-source projects that underpin global infrastructure. SVI's emphasis on human relationships, concise reporting, and sharing tools rather than just findings demonstrates ethical AI-assisted security work. As critical projects like FreeBSD face mounting maintenance burdens, AI-augmented security audits could offer a scalable model for protecting the internet's foundation.
