Seth/glasswing
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: add confirmed patch status and new sources

Browse Source 
Track CVE assignments, patch dates, and security advisories for
the flagship Glasswing-discovered vulnerabilities. 13 new sources added.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Mortdecai
2026-04-14 15:51:22 -04:00
parent c0033e5d20
commit 7e735c30fb
2 changed files with 42 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/research-notes.md
+19 -1
View File
@@ -46,7 +46,25 @@ Thousands of zero-days across every major OS and browser. Notable specifics:
| Linux Kernel | Privilege escalation | — | Chained vulns: KASLR bypass + heap manipulation | | Linux Kernel | Privilege escalation | — | Chained vulns: KASLR bypass + heap manipulation |
| Firefox | JIT heap spray + sandbox escape | — | Chains 4 vulns to escape renderer and OS sandboxes | | Firefox | JIT heap spray + sandbox escape | — | Chains 4 vulns to escape renderer and OS sandboxes |
**Critical stat: <1% of discovered vulnerabilities have been patched so far.** **Overall: <1% of discovered vulnerabilities patched as of 2026-04-07 announcement.** Discovery rate has "outpaced the patch rate by several orders of magnitude."
### Confirmed Patches (as of 2026-04-14)
The flagship vulnerabilities were disclosed and patched **before** the April 7 announcement — Anthropic had been doing coordinated disclosure for weeks prior.
| Vulnerability | CVE | Patched? | Advisory / Details |
|---|---|---|---|
| FreeBSD NFS RCE (RPCSEC_GSS) | CVE-2026-4747 | YES (2026-03-26) | FreeBSD-SA-26:08.rpcsec_gss. Stack buffer overflow in `svc_rpc_gss_validate()`. 17 years old, unauthenticated root RCE. Credited "Nicholas Carlini using Claude, Anthropic." |
| OpenBSD TCP SACK | — | YES (2026-03-21) | Errata patch `025_sack.patch.sig` for OpenBSD 7.7/7.8. Binary patches via `syspatch`. |
| FFmpeg H.264 | — | YES (partial) | 3 CVEs fixed in FFmpeg 8.1 (including 16-year slice-counter overflow). "Many more undergoing responsible disclosure." FFmpeg publicly thanked Anthropic for "sending real patches." |
| Linux kernel priv-esc | — | PARTIAL | At least one commit (`e2f78c7ec165`) merged within 1 week. Multiple bugs found (buffer overflow, use-after-free, double-free) but none remotely exploitable — defense-in-depth held. |
| Firefox JIT sandbox escape | CVE-2026-4692 + 5 more | YES (2026-03-24) | Firefox 149 patched 37 vulns including 6 from Anthropic team (Carlini, Ben Asher, Lucas, Cheng, Freeman, Gaynor, Weinberger). First multi-CVE AI-assisted contribution to a major browser advisory. Red Hat issued RHSA-2026:7837/7841 downstream. |
### Disclosure Timeline
- **90-day public report** committed (early July 2026): summary of what Glasswing has fixed + lessons learned
- **90 + 45 day maximum** before public release of vulnerability details
- Calif.io published a detailed write-up of CVE-2026-4747 including the actual prompts used: github.com/califio/publications/blob/main/MADBugs/CVE-2026-4747/write-up.md
## 4. Partnership Structure ## 4. Partnership Structure
docs/sources/source-index.md
+23
View File
@@ -36,6 +36,29 @@
| S13 | Security Magazine: Expert reactions | securitymagazine.com/articles/102226-what-are-security-experts-saying-about-claude-mythos-and-project-glasswing | | S13 | Security Magazine: Expert reactions | securitymagazine.com/articles/102226-what-are-security-experts-saying-about-claude-mythos-and-project-glasswing |
| S14 | The Conversation: Why an AI superhacker has the tech world on alert | theconversation.com/claude-mythos-and-project-glasswing-why-an-ai-superhacker-has-the-tech-world-on-alert-280374 | | S14 | The Conversation: Why an AI superhacker has the tech world on alert | theconversation.com/claude-mythos-and-project-glasswing-why-an-ai-superhacker-has-the-tech-world-on-alert-280374 |
## Security Advisories & Patch Sources
| ID | Source | URL |
|----|--------|-----|
| S15 | FreeBSD-SA-26:08.rpcsec_gss (CVE-2026-4747) | freebsd.org/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc |
| S16 | NVD: CVE-2026-4747 | nvd.nist.gov/vuln/detail/CVE-2026-4747 |
| S17 | OpenBSD 7.7/7.8 Errata (025_sack, 2026-03-21) | openbsd.org/errata77.html |
| S18 | Calif.io MAD Bugs write-up (CVE-2026-4747 prompts) | github.com/califio/publications/blob/main/MADBugs/CVE-2026-4747/write-up.md |
| S19 | Firefox 149 Security Advisory (6 Anthropic-credited CVEs) | cybersecuritynews.com/firefox-149-released/ |
| S20 | SentinelOne: CVE-2026-4692 (Firefox) | sentinelone.com/vulnerability-database/cve-2026-4692/ |
| S21 | FFmpeg thanks Anthropic (PiunikaWeb) | piunikaweb.com/2026/04/08/ffmpeg-thanks-claude-mythos-16-year-bug-fix/ |
| S22 | The Hacker News: Claude Mythos Finds Thousands of Zero-Day Flaws | thehackernews.com/2026/04/anthropics-claude-mythos-finds.html |
| S23 | Red Hat RHSA-2026:7837 (Firefox downstream) | access.redhat.com/errata/RHSA-2026:7837 |
## Post-Announcement Analysis
| ID | Source | URL |
|----|--------|-----|
| S24 | Forrester: AI Will Break the Vuln Management Playbook | forrester.com/blogs/project-glasswing-shows-that-ai-will-break-the-vulnerability-management-playbook/ |
| S25 | Humai: Less Than 1% Are Patched | humai.blog/anthropic-found-thousands-of-zero-days-in-windows-macos-chrome-and-firefox-less-than-1-are-patched/ |
| S26 | Picus Security: The Glasswing Paradox | picussecurity.com/resource/blog/anthropics-project-glasswing-paradox |
| S27 | VentureBeat: Mythos detection ceiling | venturebeat.com/security/mythos-detection-ceiling-security-teams-new-playbook/ |
## Unverified / To Investigate ## Unverified / To Investigate
- Security firm **Aisle** reportedly replicated some Glasswing discoveries with cheaper models (mentioned by Schneier, S4) - Security firm **Aisle** reportedly replicated some Glasswing discoveries with cheaper models (mentioned by Schneier, S4)