CVE-2026-31532 high

Bynario AI assists Linux CAN raw socket UAF fix

Bynario says its LLM-driven pipeline discovered, validated, and patched CVE-2026-31532, a Linux kernel CAN raw socket use-after-free; the upstream Linux commit includes Assisted-by: Bynario AI.

Bug class: RCU teardown race causing use-after-free of per-CPU CAN raw socket state
Affected codebase: Linux kernel CAN raw sockets
Credited system: BynarIO AI
Disclosed: May 7, 2026
Attribution: Direct source attribution
Severity: high

Source status: Bynario's May 7, 2026 post supplies the discovery, validation, Opus 4.6, and pipeline details. The upstream Linux commit independently names Bynario AI in an Assisted-by trailer, and NVD corroborates the kernel.org CVE, CWE-416 classification, patch references, and CVSS 7.8 high score. The Bynario post's remediation link points to the FUSE commit; the correct CAN commit is a535a9217ca3f2fccedaafb2fddb4c48f27d36dc.

Summary

CVE-2026-31532 is a Linux kernel use-after-free in CAN raw socket teardown. raw_release() unregisters receive filters through can_rx_unregister(), but receiver deletion is deferred with call_rcu(). That leaves a window where raw_rcv() can still run inside an RCU read-side section after raw_release() has freed ro->uniq, the socket’s per-CPU deduplication state.

Bynario’s write-up says its LLM-driven pipeline discovered, validated, and patched the bug while analyzing Linux 7.0, with Opus 4.6 as the primary model for discovery and validation. The post frames the bug as a non-trivial kernel race involving asynchronous teardown, RCU lifetime, and per-CPU state.

NVD records the issue as CWE-416 with a kernel.org CVSS 3.1 score of 7.8 high.

Validation

Bynario says its validator did not rely on KASAN alone because the freed object is per-CPU storage, which is harder to catch with standard sanitizer coverage. Instead, the validator added a logical marker to struct raw_sock, set the marker after free_percpu(ro->uniq), and then used a proof-of-concept with multiple sender and racer threads to confirm that raw_rcv() could run after the free.
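The ordering problem from the Summary and the logical-marker check described above can be modelled in user space; this is an added example, not code from Bynario or the upstream patch. The struct, the helper names and the "wait for readers before freeing" ordering are assumptions made for illustration, and the page does not say how the upstream fix is implemented.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model of the lifetime rule only; not kernel code. */
struct raw_sock_model {
    bool on_list;          /* receiver reachable by readers that start now */
    bool reader_in_flight; /* a reader already inside its RCU read-side section */
    bool uniq_freed;       /* logical marker, set right after the modelled free */
    int  rcv_after_free;   /* raw_rcv() runs observed with the marker set */
};

/* Stands in for raw_rcv(): the real one dereferences ro->uniq. */
static void model_raw_rcv(struct raw_sock_model *ro) {
    if (ro->uniq_freed)
        ro->rcv_after_free++;
}

/* A frame arrives: the reader enters its section and picks up the receiver. */
static void reader_enter(struct raw_sock_model *ro) {
    if (ro->on_list)
        ro->reader_in_flight = true;
}

/* The reader invokes the callback and leaves its section. */
static void reader_finish(struct raw_sock_model *ro) {
    if (ro->reader_in_flight)
        model_raw_rcv(ro);
    ro->reader_in_flight = false;
}

/* Returns how many callbacks ran after the free. false: ordering from the
 * Summary. true: assumed remedy, free only after pre-existing readers drain. */
int simulate_release(bool wait_for_readers) {
    struct raw_sock_model ro = { .on_list = true };
    reader_enter(&ro);         /* delivery already in progress at close() */
    ro.on_list = false;        /* unregister: unlinked, deletion deferred */
    if (wait_for_readers)
        reader_finish(&ro);    /* grace period: pre-existing reader drains */
    ro.uniq_freed = true;      /* free of ro->uniq, then set the marker */
    reader_finish(&ro);        /* in-flight reader reaches the callback */
    reader_enter(&ro);         /* later frame: receiver no longer listed */
    reader_finish(&ro);
    return ro.rcv_after_free;
}

int main(void) {
    printf("%d %d\n", simulate_release(false), simulate_release(true));
    return 0;
}
```

The marker counts callbacks that would have touched freed state without depending on a sanitizer noticing the access, which is the property the validation paragraph relies on.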

That validation detail is relevant to Bugflation because it moves beyond a generic static-analysis warning. The public write-up describes a concrete race, a trigger strategy, and a patch path.

Attribution

This is a direct-attribution entry. The Linux mainline commit is authored by Samuel Page and includes Assisted-by: Bynario AI, along with an upstream acknowledgement and maintainer sign-off. Bynario’s own post supplies the AI-pipeline narrative and model detail; the upstream commit and NVD record corroborate that the bug was accepted and fixed in the normal kernel process.

One caveat: the Bynario post’s remediation section links to commit 51a8de6c50bf, which is the separate FUSE fix. The CAN fix is commit a535a9217ca3f2fccedaafb2fddb4c48f27d36dc. Because the correct commit carries the Assisted-by: Bynario AI trailer, this appears to be an editorial link mistake rather than a substantive attribution problem.

Why it matters

The CAN bug is a strong bugflation case because it sits in a mature kernel subsystem and depends on lifetime reasoning across teardown, callback, RCU, and per-CPU state. Bynario’s public account is not a claim that a model found root from a blank prompt. It is a more useful signal: LLM-assisted discovery and validation can help expert researchers turn subtle concurrency hypotheses into accepted kernel patches.


Catalogued in the Bugflation public ledger.