An AI agent just uncovered a critical security flaw affecting every Linux machine on earth, and the exploit is already free and public. Here's what CVE-2025-31431 does, how it works, and why you should care even if you've never touched a terminal.
This vulnerability has been sitting inside the Linux kernel since 2017, survived nearly a decade of human code review, and was found by an AI in about one hour. CrowdStrike confirmed active exploitation. CISA listed it as a known exploited vulnerability. Every major distro — Ubuntu, Debian, Red Hat, Arch, Amazon Linux, SUSE — is affected. We break down exactly how a 732-byte Python script turns any logged-in user into root, why this is a local exploit and not a remote one, what Theori's AI agent actually did to find it, and what this means for the future of software security when AI can surface decade-old bugs in an hour of scan time. Patch your systems now. Then think about what comes next.