[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-copy-fail-human-ai-vulnerability-analysis-en":3,"article-related-copy-fail-human-ai-vulnerability-analysis-en":35,"series-research-de826e07-576c-40dd-8110-f62a75090a0d":86},{"id":4,"title":5,"content":6,"summary":7,"source":8,"source_url":9,"author":10,"image_url":11,"keywords":12,"language":18,"translated_content":10,"views":19,"is_premium":20,"created_at":21,"updated_at":21,"cover_image":11,"published_at":22,"rewrite_status":23,"rewrite_error":10,"rewritten_from_id":24,"slug":25,"category":26,"related_article_id":27,"status":28,"google_indexed_at":10,"x_posted_at":10,"tweet_text":10,"title_rewritten_at":10,"title_original":10,"key_takeaways":29,"topic_cluster_id":33,"embedding":34,"is_canonical_seed":20},"de826e07-576c-40dd-8110-f62a75090a0d","Copy Fail如何证明人机协同能挖内核漏洞","\u003Cp data-speakable=\"summary\">Copy Fail展示了研究员定方向、AI做扫描的人机协同漏洞分析流程。\u003C\u002Fp>\u003Cp>2026年3月23日，\u003Ca href=\"https:\u002F\u002Ftheori.io\" target=\"_blank\" rel=\"noopener\">Theori\u003C\u002Fa> 研究员 Taeyang Lee 向 Linux 内核安全团队提交了 \u003Ca href=\"https:\u002F\u002Fwww.cve.org\u002FCVERecord?id=CVE-2026-31431\" target=\"_blank\" rel=\"noopener\">CVE-2026-31431\u003C\u002Fa>，也就是后来被称为 Copy Fail 的漏洞。这个漏洞的 CVSS 评分是 7.8，影响范围覆盖 Ubuntu 24.04 LTS、RHEL 8\u002F9\u002F10、Amazon Linux 2023 和 SUSE 16 等主流发行版，修复补丁在 4 月 1 日合入主分支，4 月 29 日公开披露。\u003C\u002Fp>\u003Ctable>\u003Cthead>\u003Ctr>\u003Cth>项目\u003C\u002Fth>\u003Cth>数值\u003C\u002Fth>\u003Cth>含义\u003C\u002Fth>\u003C\u002Ftr>\u003C\u002Fthead>\u003Ctbody>\u003Ctr>\u003Ctd>CVE 编号\u003C\u002Ftd>\u003Ctd>CVE-2026-31431\u003C\u002Ftd>\u003Ctd>Linux 内核 Copy Fail 漏洞\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>发现时间\u003C\u002Ftd>\u003Ctd>2026-03-23\u003C\u002Ftd>\u003Ctd>研究员提交报告\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>CVSS\u003C\u002Ftd>\u003Ctd>7.8\u003C\u002Ftd>\u003Ctd>高危本地提权\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>PoC 体积\u003C\u002Ftd>\u003Ctd>732 字节\u003C\u002Ftd>\u003Ctd>Python 脚本即可利用\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>补丁合入\u003C\u002Ftd>\u003Ctd>2026-04-01\u003C\u002Ftd>\u003Ctd>修复进入主线\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>公开披露\u003C\u002Ftd>\u003Ctd>2026-04-29\u003C\u002Ftd>\u003Ctd>协调披露完成\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>根因起点\u003C\u002Ftd>\u003Ctd>2017-01\u003C\u002Ftd>\u003Ctd>相关优化提交引入问题\u003C\u002Ftd>\u003C\u002Ftr>\u003C\u002Ftbody>\u003C\u002Ftable>\u003Ch2>这次发现真正重要的，不是漏洞本身\u003C\u002Fh2>\u003Cp>Copy Fail 之所以值得写，不只是因为它是一个 Linux 内核本地提权漏洞，而是因为它把“人类研究员 + AI 平台”的分工关系讲得非常清楚。这个漏洞不是 AI 自己撞出来的，也不是传统人工审计一行行翻出来的，而是研究员先提出一个很窄、很具体的攻击面假设，再让 AI 去做大范围语义扫描。\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1779207848752-ph8g.png\" alt=\"Copy Fail如何证明人机协同能挖内核漏洞\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>这个流程很像高手带着新工具打仗。人负责判断哪里值得看，AI 负责把相关代码路径尽量扫干净。对安全研究来说，这比“AI 自动发现漏洞”的叙事更现实，也更接近今天真正能落地的工作方式。\u003C\u002Fp>\u003Cp>文章里提到的关键点很明确：\u003Ca href=\"https:\u002F\u002Fxint.io\" target=\"_blank\" rel=\"noopener\">Xint Code\u003C\u002Fa> 在约 1 小时内完成了对 crypto 子系统的深度关联分析，定位到了 authencesn 模板中的逻辑缺陷。这个速度放在人工审计里，几乎不可能靠纯手工实现。\u003C\u002Fp>\u003Cul>\u003Cli>漏洞类型：逻辑缺陷，不是传统内存破坏\u003C\u002Fli>\u003Cli>利用方式：100% 稳定的本地提权\u003C\u002Fli>\u003Cli>攻击脚本：732 字节 Python\u003C\u002Fli>\u003Cli>影响面：多个主流 Linux 发行版\u003C\u002Fli>\u003C\u002Ful>\u003Ch2>研究员先定方向，AI 再放大结果\u003C\u002Fh2>\u003Cp>Taeyang Lee 的价值不在于“发现了一个奇怪的函数”，而在于他把 AF_ALG 套接字、splice() 零拷贝、scatterlist 这些看似分散的组件，串成了一个可疑的攻击面。他的直觉来自 kernelCTF 经验，也来自对内核加密子系统交互边界的长期观察。\u003C\u002Fp>\u003Cp>这里最关键的一点是：研究员不是在问“crypto 子系统有没有 bug”，而是在问“AF_ALG + splice 能不能把只读页缓存送进一个最终会被写入的位置”。这个问题非常具体，AI 才有可能围绕它做有效搜索。没有这个方向，AI 只会在大量正常代码里来回跑。\u003C\u002Fp>\u003Cblockquote>“a researcher identifies the attack surface, XC analyzes it” — Xint Code\u003C\u002Fblockquote>\u003Cp>这句话很直白，也很准确。人类提供判断，AI 提供规模化执行。Copy Fail 的发现过程几乎就是这句话的注脚。\u003C\u002Fp>\u003Cp>更重要的是，这种分工解决了一个老问题：复杂系统里的漏洞往往不是单点错误，而是几个“单独看都合理”的改动叠在一起之后，才出现的交互失配。Copy Fail 就是这样。\u003C\u002Fp>\u003Ch2>为什么传统方法很难碰到它\u003C\u002Fh2>\u003Cp>Copy Fail 不是那种会直接崩溃、冒日志、触发明显异常的漏洞。它的根因藏在三个时间点不同、目标不同的改动里：2011 年的 authencesn 实现，2015 年 AF_ALG 接口对非特权用户开放，2017 年的 in-place 优化。每一步单独看都说得通，合在一起却把页缓存写进了不该写的位置。\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1779207846777-pmc7.png\" alt=\"Copy Fail如何证明人机协同能挖内核漏洞\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>这也是为什么模糊测试、规则型静态分析、内存检测工具都不容易发现它。它不是越界读写那种“看一眼就知道不对劲”的问题，而是语义层面的错位：写入行为本身看起来合法，但合法的前提建立在错误的对象属性上。\u003C\u002Fp>\u003Cp>如果把传统方法拆开看，局限会更明显。\u003C\u002Fp>\u003Cul>\u003Cli>模糊测试擅长找崩溃，不擅长找跨子系统语义错位\u003C\u002Fli>\u003Cli>ASan 和 KASan 盯的是内存安全，不是逻辑授权关系\u003C\u002Fli>\u003Cli>规则型 SAST 依赖已知模式，碰到组合型缺陷就容易失效\u003C\u002Fli>\u003Cli>人工审计能发现问题，但很难穷举 Linux 内核级别的全部交互路径\u003C\u002Fli>\u003C\u002Ful>\u003Cp>这也是 Copy Fail 最有意思的地方：它不是“更隐蔽的内存洞”，而是“更复杂的系统协同错误”。\u003C\u002Fp>\u003Ch2>数据、算力和经验，三者缺一都不行\u003C\u002Fh2>\u003Cp>文章把 Copy Fail 的出现放在 2026 年这个时间点，原因也很现实。第一，\u003Ca href=\"\u002Ftag\u002Fllm\">LLM\u003C\u002Fa> 的语义理解能力已经到了能处理跨文件、跨模块关系的程度。第二，\u003Ca href=\"\u002Ftag\u002Fgpu\">GPU\u003C\u002Fa> 和云算力让一次大范围代码扫描变得可承受。第三，研究员的经验积累已经足够把问题问对。\u003C\u002Fp>\u003Cp>这里可以直接拿几个数字看：Linux 内核本身有 3000 万行以上代码，crypto 子系统约 6.8 万行 C 代码，Xint Code 却能在约 1 小时内完成深度扫描。把这个速度和人工审计对比一下，就知道 AI 的角色不是“替代专家”，而是把专家的判断扩展到更大的代码空间里。\u003C\u002Fp>\u003Cp>文章还提到页缓存相关漏洞经验的积累。从 \u003Ca href=\"https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2016-5195\" target=\"_blank\" rel=\"noopener\">Dirty COW\u003C\u002Fa> 到 \u003Ca href=\"https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2022-0847\" target=\"_blank\" rel=\"noopener\">Dirty Pipe\u003C\u002Fa>，安全社区对页缓存攻击的理解已经成熟很多。Copy Fail 正是建立在这种经验之上，只是这次它发生在内核加密路径里，而不是常见的文件系统路径。\u003C\u002Fp>\u003Cp>如果再看披露节奏，也能看出这次事件的专业度。3 月 23 日报告，4 月 1 日补丁合入，4 月 29 日公开，整个协调披露周期 37 天。对发行版维护者来说，这个窗口不算宽松，但足够完成修复集成。\u003C\u002Fp>\u003Ch2>Copy Fail 说明了什么，也暴露了什么\u003C\u002Fh2>\u003Cp>Copy Fail 说明，今天真正有效的漏洞研究，不是盯着某个工具有没有“自动找洞”的能力，而是看研究员能不能提出高质量问题，再让 AI 去做高覆盖率验证。这个模式对资源有限的团队尤其重要，因为它比单纯堆算力更依赖判断力。\u003C\u002Fp>\u003Cp>它也暴露了另一个现实：如果团队长期忽视底层分析、内核驱动分析和系统级归因能力，就会越来越难发现这类跨组件漏洞。只靠表层防护和用户态检测，碰到这种逻辑缺陷时会非常被动。\u003C\u002Fp>\u003Cp>对安全团队来说，Copy Fail 的直接启发很明确：\u003C\u002Fp>\u003Cul>\u003Cli>先训练研究员提出好问题，再让 AI 放大搜索范围\u003C\u002Fli>\u003Cli>把跨文件语义分析当成核心能力，而不是附加功能\u003C\u002Fli>\u003Cli>继续盯住页缓存、零拷贝、权限边界这类老问题的新组合\u003C\u002Fli>\u003Cli>把补丁验证、PoC 复现和缓解措施纳入同一套流程\u003C\u002Fli>\u003C\u002Ful>\u003Cp>我更愿意把 Copy Fail 看成一个信号：内核漏洞研究已经进入“人负责判断，AI 负责穷举”的阶段。下一批最难找的漏洞，很可能还会出现在几个单独看都没问题的设计交汇处。问题只剩一个——你的团队能不能先问对那个问题。\u003C\u002Fp>","Copy Fail表明，研究员先定攻击面，AI再做大规模语义扫描，能更快挖出Linux内核逻辑漏洞。","zhuanlan.zhihu.com","https:\u002F\u002Fzhuanlan.zhihu.com\u002Fp\u002F2037585321274160460",null,"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1779207848752-ph8g.png",[13,14,15,16,17],"Copy Fail","Linux内核","AI漏洞分析","本地提权","语义分析","en",0,false,"2026-05-19T16:23:36.696976+00:00","2026-05-19T16:23:36.687+00:00","done","22c174e4-2506-46dc-832b-b1dc87cd6ebd","copy-fail-human-ai-vulnerability-analysis-en","research","a2527d1f-99c7-4f8b-86c3-26679b44ccce","published",[30,31,32],"Copy Fail 不是 AI 独立发现的，而是研究员先定攻击面、AI 再做大规模扫描。","这个漏洞是跨子系统逻辑缺陷，传统模糊测试和规则型静态分析都不容易命中。","对安全团队来说，最实用的方向是训练研究员提好问题，再用 AI 放大验证范围。","3103988e-c4fe-45e3-98ab-846500c9d507","[-0.012460138,0.006439817,0.013739113,-0.04747547,0.010638356,-0.010029442,-0.03566424,0.0025794143,0.010257721,0.019270396,-0.002727254,-0.032141827,0.0126682,0.011798479,0.13288231,0.026932312,0.0023367398,0.034772452,-0.0021022847,-0.016602853,0.009934828,-0.016413582,-0.032457586,-0.015889946,-0.015077097,-0.013274816,0.009972516,-0.008840655,0.049321678,-0.018809825,0.021835906,0.0049411934,-0.0053210715,0.016193949,0.013678543,0.0019546633,0.030569434,0.008195367,0.0017305024,0.02036088,0.018969217,0.00085252855,-0.009741319,0.013747721,0.0058465805,0.0042568534,0.015486129,-0.013801513,-0.009517465,0.009326562,-0.026800662,-0.0006505013,0.0023689196,-0.17613995,0.0066947932,0.02100053,-0.019107739,0.002655377,0.023871629,-0.00057697925,-0.020923154,0.010531346,-0.022246609,-0.04196448,-0.007878,-0.021769192,-0.0015569754,-0.010585875,-0.019298648,-0.0056689167,-0.01381667,-0.018063886,-0.00473983,-0.014528176,-0.03611456,-0.009317621,-0.0042570746,0.0015478663,-0.00096082437,0.007714596,-0.017882448,-0.018965984,0.0007268916,-0.0032136005,0.0006840228,-0.0013608148,-0.0043985685,-0.018081196,-0.0003255545,0.028858343,-0.01837225,0.027050516,-0.0053946613,0.017967757,0.0044395695,0.015435948,-0.0019627246,0.013714215,0.011428847,0.015012752,-0.0217784,-0.040850535,0.01887138,0.0048223753,0.010852362,0.0017677898,-0.0056729265,-0.036018856,0.016694972,0.016450169,0.007090951,-0.018154051,-0.028763374,0.0019546233,-0.0073686256,-0.12899621,-0.03679861,0.014463544,0.004656787,0.005878501,-0.0124055045,0.0043581123,-0.003414888,0.021931952,5.6881046e-05,0.0098409,-0.015445493,0.0053318315,-0.021270538,-0.010265361,-0.007653355,-0.010425093,-0.0032069082,0.014082768,-0.014080789,-0.006947006,0.0084755095,-0.010732245,-0.004801262,-0.052283827,0.018772434,0.020444537,0.006975074,-0.023469662,0.0017794549,0.02751548,-0.0058763213,-0.0036928162,0.020391202,-0.019256277,0.0007093641,-0.018492956,-0.0010986796,-0.023252819,0.003246749,-0.060942132,-0.014694108,0.01582811,-0.007718004,0.023866571,-0.016013542,-0.018598346,-0.0055872006,0.029057099,0.0031527348,-0.0015153543,0.032975286,0.011137374,-0.022233516,0.011581788,0.0051916135,-0.026974164,0.008884611,0.0020552108,-0.013955596,-0.012549688,-0.009717166,-0.00083502167,0.016648224,-0.017568817,0.009268456,0.020006487,-0.014589046,-0.0052080094,-0.0016365866,-0.006038655,0.00817899,0.013086363,0.018656775,-0.015752899,-0.01596617,-0.018195465,0.015372724,0.0021029469,0.014946639,-0.028678408,-0.008461407,-0.00034904623,0.00073580863,0.018535059,0.00050122244,-0.021979291,0.011062445,-0.00025757303,0.0117816,-0.007589559,0.005414832,-0.025271652,0.025023524,0.0066456706,0.0012326045,0.028551888,-0.0099242935,-0.0038294832,-0.00252328,-0.01410291,-0.014601267,-0.00022983774,0.005098882,-0.0051502176,0.021337021,-0.013173692,0.008514388,0.015933326,-0.00800923,-0.010037874,-0.0121547505,-0.02116322,-0.009487422,0.033665624,0.009209827,0.02113805,-0.006945134,-0.0033766318,0.01141411,0.027681101,0.008918336,0.039602574,0.025912626,-0.0043748072,-0.029269587,0.0016904849,-0.012429577,0.010498125,0.022365239,-0.015142379,0.019130206,0.010241518,-0.013098771,-0.006377559,-0.014496606,0.019813253,-0.020364527,-0.022607071,0.03362302,-0.013788038,0.015438262,0.0053213583,0.0061108735,-0.01796994,-8.183487e-05,-0.011454048,-0.005789691,0.0043395837,0.0010455566,-0.025403775,0.01520131,0.003539579,-0.028453078,0.024007762,-0.025991052,0.024916438,-0.0173394,-0.014730976,0.051980905,0.01570115,-0.054700393,0.022752965,-0.0025014156,-0.020280713,0.01836847,0.011902977,-0.024675673,0.009926544,-0.0057355817,0.007071377,-0.016383082,-0.0033617439,-0.0038926464,-0.003950295,-0.00858576,0.010806075,-0.004420859,0.0026535934,-0.013390359,-0.015659174,0.003291547,-0.008980863,-0.0044195536,-0.0122785475,0.018837621,-0.020749675,0.004305515,0.029949836,-0.010913271,-0.0051326253,0.00046912368,0.04789407,0.02145757,-0.0019729936,-0.02255587,-0.01553743,0.015574916,-0.01486706,-0.0117892735,0.0008332228,-0.03843933,-0.011057297,0.020320522,-0.027786074,0.016379353,-0.003062226,0.0021762042,-0.004263287,-0.011440182,-0.0038254217,-0.007563033,-0.0022451994,0.009312384,-0.0082310345,0.00012532946,0.02025516,0.029110566,-0.0013521016,-0.011333972,0.003620462,-0.0036734303,0.0059419256,-0.02151223,0.015236458,0.009428971,0.0033722455,-0.0137348175,0.019372495,-0.0330772,0.016690452,-0.015059578,-0.008070833,0.011337159,-0.0031975727,0.0312662,0.0017593382,-0.0027317815,-0.018695094,-0.017185556,0.034207784,0.0036753032,-0.008065821,-0.0040842276,0.007075335,0.02688231,-0.014362955,-0.011029672,0.011426865,0.011643135,-0.017080856,0.0055736415,0.017411549,-0.029536651,-0.004452058,0.027819827,-0.017269775,0.006405409,-0.01970611,-0.018007934,0.018808346,-0.011413489,-0.004440847,-0.00774439,-0.00536098,0.010051193,0.040755823,-0.009280607,-0.023561258,-0.025729673,-0.0072842343,-0.022329437,-0.0069568316,0.015335188,0.018872892,0.0074968142,0.007515012,-0.009850014,-0.020661287,-0.02422954,0.018423147,0.002384374,-0.0016327605,-0.0066737337,-0.019090261,-0.0051450636,0.017871117,0.00682984,0.0142375035,0.010985026,-0.015726948,-0.010567704,0.028509635,0.030458251,-0.00045370383,-0.006553217,0.016568767,0.01057398,0.030029077,0.016326087,-0.018083805,0.012571695,-0.014640186,0.029500384,0.008489401,0.025520187,0.0032325278,0.039359834,0.020301765,-0.0049629384,0.0018839923,-0.010774033,-0.020723142,0.014229951,-0.010411838,0.014620405,-0.00062778534,-0.006362339,-0.030199042,0.011728311,-0.030327287,-0.021825776,0.026829818,-0.016200155,0.011707065,-0.02133036,0.0065543167,-0.00227106,0.016614772,-0.004622176,-0.024254639,-0.0044477726,0.0046121427,-0.034679346,0.017532274,0.021918388,0.036768623,0.03845308,0.000796485,-0.0064174137,-0.0066142445,0.0027459778,0.004500096,0.0034779315,-0.042608913,-0.0044510043,-0.0013461146,0.02206756,0.006462521,-0.009046188,-0.010284974,-0.020905968,-0.0248181,-0.0070894444,0.00020065457,-0.0014417017,-0.00638201,-0.00016937112,0.010393075,-0.010330444,-0.0018628096,-0.012084037,0.017058339,-0.008429914,0.0067573832,0.0052488083,0.011027088,0.0006577661,-0.027848551,0.0075375377,0.027519021,-0.028074667,-0.02127393,-0.0069621257,-0.0052491534,0.009395887,0.0103745675,-0.015245256,-0.020123914,-0.0340168,-0.026570676,-0.014665649,-0.01585577,0.01588573,0.014024304,0.016020305,-0.016218932,0.0036854183,-0.0036032698,-0.006702134,-0.008034636,-0.0004302333,0.019716363,-0.0024730803,-0.014148945,-0.039520808,-0.020410115,0.0121983625,0.011344716,-0.010948358,-0.011726447,-0.01080496,0.003993743,0.0045358376,0.019200655,-0.014636736,0.008082779,-0.0016008492,0.021992434,0.012463987,-0.03277322,0.03621212,3.7235845e-05,0.027426999,0.021590134,-0.0015547526,0.023619523,-0.024671152,0.021495486,0.034830827,0.007436599,0.008318109,-0.012022485,0.020496387,-0.013476762,-0.020728184,0.000309929,-0.008427493,-0.0070016356,0.025550937,-0.10248273,0.009627952,0.014004671,-0.006942546,-0.0056619043,-0.020532686,0.0097367,-0.006432213,-0.013899724,-0.01418188,0.023425207,-0.007214804,0.037021056,0.015850939,-0.019236071,-0.024798077,-0.002058227,0.0043467283,0.035565194,-0.021886036,0.033488303,-0.010503741,-0.0037268698,0.01347802,-0.00019724088,-0.024361415,0.0016177493,0.018931229,-0.0011663577,0.028824234,-0.037372254,0.0067109033,0.030335717,-0.003928973,0.01738651,-0.025469325,-5.4618675e-05,-0.043765265,-0.00427102,-0.0140492795,0.003516753,0.005240092,-0.016050367,-0.0051907995,0.0043227305,0.022393716,-0.013672333,-0.008196144,-0.023279272,-0.011959545,-0.039127372,-0.0012446232,0.008765268,-0.02112769,-0.028134715,0.014390682,0.014068275,0.0061423224,-0.0016675909,0.029117089,0.012670276,0.009957124,-0.033360474,0.017794846,0.029501135,-0.00066117407,0.01125796,0.036812324,0.025411261,-0.0103857,-0.007882496,-0.009673117,0.008520008,0.02417959,-0.0011098186,0.011160393,-0.021566017,0.031070756,-0.036687475,-0.00071608013,-0.05455312,-0.02365656,-0.09865285,-0.041544404,0.00932483,0.004561628,0.015496333,-0.02078681,0.033683814,-0.012484501,-0.022646071,-0.018728217,0.0004278423,0.019335276,-0.023548711,-0.0329177,0.021342203,0.002752366,0.0013762019,0.0010146818,-0.012588431,-0.02174703,-0.01703379,-0.012737913,0.01539934,-0.047938872,0.022059478,0.016864115,-0.008045204,0.0017660062,0.027292117,-0.012350553,-0.031796023,-0.109836504,-0.011753589,-0.0031263311,-0.022219367,0.004010493,0.016664483,-0.0020520322,-0.0121930605,0.032916892,-0.008353645,-0.04180606,-0.020622332,0.002271696,-0.007938054,-0.01172401,0.10937532,-0.0014581424,-0.0024491427,-0.009504789,0.0020820743,0.023262052,-0.03479788,-0.020094106,-0.009974648,0.011584002,0.017912013,0.02540326,-0.02221582,-0.0030608461,0.005936957,0.018332984,-0.009742051,-0.003988155,-0.017285852,0.012934841,0.004791392,-0.008481855,0.01115806,-0.011800545,0.022037206,0.03104736,0.02968845,-0.0036201905,0.003770389,-0.008176476,-0.0010926365,-0.017414464,0.00034741886,0.009022386,-0.001747077,0.0052005206,-0.067908145,0.015585053,-0.016368024,0.018006444,0.0022866307,-0.012661083,-0.006544549,0.01713712,-0.015400805,0.013035894,0.0009303159,-0.03506226,0.03208058,0.02928709,0.011998232,0.03006131,0.010425817,0.006126452,-0.008844138,-0.016611433,-0.010743439,0.008809185,0.0043011643,0.005889416,0.0058255293,0.0170085,0.021300063,0.019845443,-0.0062278206,0.0014248381,-0.0003393372,-0.0022196043,-0.0017305181,0.0020620069,-0.005525644,-0.0044486695,-0.020651232,0.010696427,-0.0068068043,0.0055409214,0.021501413,-0.016146908,0.004255254,0.029353987,0.02584248,-0.013871707,-0.00429282,0.006371722,-0.0068759075,-0.004346554,-0.038582053,-0.022482885,-0.010206355,-0.004483074,0.0026885362,0.046654575,0.036052518,0.03243392,0.0256921]",{"tags":36,"relatedLang":45,"relatedPosts":49},[37,38,40,42,44],{"name":16,"slug":16},{"name":13,"slug":39},"copy-fail",{"name":14,"slug":41},"linux内核",{"name":15,"slug":43},"ai漏洞分析",{"name":17,"slug":17},{"id":27,"slug":46,"title":47,"language":48},"copy-fail-human-ai-vulnerability-analysis-zh","Copy Fail 為何能挖出內核漏洞","zh",[50,56,62,68,74,80],{"id":51,"slug":52,"title":53,"cover_image":54,"image_url":54,"created_at":55,"category":26},"6bef1751-4ed9-4a46-aad5-47808b26d308","fragnesia-kernel-bug-root-shell-access-en","Fragnesia turns a kernel bug into root shell access","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1779207309809-8wht.png","2026-05-19T16:14:25.109265+00:00",{"id":57,"slug":58,"title":59,"cover_image":60,"image_url":60,"created_at":61,"category":26},"4ed1af1c-05fe-425c-a296-464dbfca0e73","peft-bench-fine-tuning-methods-benchmark-en","PEFT-Bench compares fine-tuning methods fairly","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1779179046277-spz9.png","2026-05-19T08:23:37.63089+00:00",{"id":63,"slug":64,"title":65,"cover_image":66,"image_url":66,"created_at":67,"category":26},"180a8696-ada6-43c3-ac47-5b6cea8e0b31","confident-ai-llm-evaluation-metrics-guide-en","Confident AI’s guide to LLM evaluation metrics","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1779178451812-i778.png","2026-05-19T08:13:46.826703+00:00",{"id":69,"slug":70,"title":71,"cover_image":72,"image_url":72,"created_at":73,"category":26},"576ffe2e-a54b-4030-84ea-8cc6eeb4f76f","code-becomes-the-agent-harness-en","Code Becomes the Agent Harness","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1779173049719-vnmy.png","2026-05-19T06:43:30.92356+00:00",{"id":75,"slug":76,"title":77,"cover_image":78,"image_url":78,"created_at":79,"category":26},"3440bae8-d711-472c-8861-ef8ea63d39e8","rrfp-readiness-driven-pipeline-training-en","RRFP Makes Pipeline Training Follow Readiness","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1779172447258-y1kc.png","2026-05-19T06:33:32.339315+00:00",{"id":81,"slug":82,"title":83,"cover_image":84,"image_url":84,"created_at":85,"category":26},"f15bbb27-837c-4841-9460-5c68d705e883","dashattention-differentiable-adaptive-sparse-attention-en","DashAttention makes sparse long-context attention differentiable","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1779171841715-ussc.png","2026-05-19T06:23:34.566629+00:00",[87,92,97,102,107,112,117,122,127,132],{"id":88,"slug":89,"title":90,"created_at":91},"a2715e72-1fe8-41b3-abb1-d0cf1f710189","ai-predictions-2026-big-changes-en","AI Predictions for 2026: Brace for Big Changes","2026-03-26T01:25:07.788356+00:00",{"id":93,"slug":94,"title":95,"created_at":96},"8404bd7b-4c2f-4109-9ec4-baf29d88af2b","ml-papers-of-the-week-github-research-desk-en","ML Papers of the Week Turns GitHub Into a Research Desk","2026-03-27T01:11:39.480259+00:00",{"id":98,"slug":99,"title":100,"created_at":101},"87897a94-8065-4464-a016-1f23e89e17cc","ai-ml-conferences-to-watch-in-2026-en","AI\u002FML Conferences to Watch in 2026","2026-03-27T01:51:54.184108+00:00",{"id":103,"slug":104,"title":105,"created_at":106},"6f1987cf-25f3-47a4-b3e6-db0997695be8","openclaw-agents-manipulated-self-sabotage-en","OpenClaw Agents Can Be Manipulated Into Failure","2026-03-28T03:03:18.899465+00:00",{"id":108,"slug":109,"title":110,"created_at":111},"a53571ad-735a-4178-9f93-cb09b699d99c","vega-driving-language-instructions-en","Vega: Driving with Natural Language Instructions","2026-03-28T14:54:04.698882+00:00",{"id":113,"slug":114,"title":115,"created_at":116},"a34581d6-f36e-46da-88bb-582fb3e7425c","personalizing-autonomous-driving-styles-en","Drive My Way: Personalizing Autonomous Driving Styles","2026-03-28T14:54:26.148181+00:00",{"id":118,"slug":119,"title":120,"created_at":121},"2bc1ad7f-26ce-4f02-9885-803b35fd229d","training-knowledge-bases-writeback-rag-en","Training Knowledge Bases with WriteBack-RAG","2026-03-28T14:54:45.643433+00:00",{"id":123,"slug":124,"title":125,"created_at":126},"71adc507-3c54-4605-bbe2-c966acd6187e","packforcing-long-video-generation-en","PackForcing: Efficient Long-Video Generation Method","2026-03-28T14:55:02.646943+00:00",{"id":128,"slug":129,"title":130,"created_at":131},"675942ef-b9ec-4c5f-a997-381250b6eacb","pixelsmile-facial-expression-editing-en","PixelSmile Framework Enhances Facial Expression Editing","2026-03-28T14:55:20.633463+00:00",{"id":133,"slug":134,"title":135,"created_at":136},"6954fa2b-8b66-4839-884b-e46f89fa1bc3","adaptive-block-scaled-data-types-en","IF4: Smarter 4-Bit Quantization That Adapts to Your Data","2026-03-31T06:00:36.65963+00:00"]