Comment by garlic_chives
2 years ago
AIxCC is an AI Cyber Challenge launched by DARPA and ARPA-H.
Notably, a zero-day vulnerability in SQLite3 was discovered and patched during the AIxCC semifinals, demonstrating the potential of LLM-based approaches in bug finding.
Notably, an undiscovered trivial NULL pointer dereference in SQLite3's SQL parser was discovered and patched. But yeah, it makes very good marketing material.
It's not a critical issue, but it was surprising since we didn’t know that SQLite3 would be one of the challenges before the competition.
Is there any write ups or CVE pages on that vulnerability? From a quick search, I can't find anything.