raptor Jul 10, 2025

CVE-2023-52927: Turning a Forgotten #Syzkaller Report into #kCTF #Exploit

https://qriousec.github.io/post/cve-2023-52927/

CVE-2023-52927: Turning a Forgotten Syzkaller Report into kCTF Exploit

Table of Contents I. Introduction II. Netfilter hooks, nf_tables, nf_conntrack, nf_nat and nf_queue 2.1 Netfilter hooks 2.2 nf_tables 2.3 nf_conntrack 2.4 nf_nat 2.5 nf_queue III. The Forgotten Syzkaller Report IV. Root Cause Analysis of a “no reproducer” Syzkaller UAF Report 4.1 Allocation Backtrace 4.2 Free Backtrace 4.3 UAF Backtrace 4.4 Root Cause V. Crafting a Reproducer to Trigger the KASAN UAF 5.1 Allocate a template nf_conn by calling nft_ct_set_zone_eval() 5.2 Setup nf_nat_setup_info() function 5.

Qrious Secure
HabrSep 24, 2024

Адаптируем фаззинг для поиска уязвимостей

Фаззинг — очень популярная методика тестирования программного обеспечения случайными входными данными. В сети огромное количество материалов о том, как находить дефекты ПО с его помощью. При этом в публичном пространстве почти нет статей и выступлений о том, как искать уязвимости с помощью фаззинга. Возможно, исследователи безопасности не хотят делиться своими секретами. Тем интереснее рассмотреть эту тему в данной статье.

https://habr.com/ru/companies/pt/articles/845490/

#поиск_уязвимостей #fuzzing #syzkaller #операционные_системы #linux_kernel #vulnerabilities #фаззинг #operating_systems

Адаптируем фаззинг для поиска уязвимостей

Фаззинг — очень популярная методика тестирования программного обеспечения случайными входными данными. В сети огромное количество материалов о том, как находить дефекты ПО с его помощью. При этом в...

Хабр
0xor0neMay 10, 2024

Fuzzing NVMe-oF/TCP Linux kernel subsystem with Syzkaller
Great blog post by Alon Zahavi

https://www.cyberark.com/resources/threat-research-blog/your-nvme-had-been-syzed-fuzzing-nvme-of-tcp-driver-for-linux-with-syzkaller

#syzkaller

Your NVMe Had Been Syz’ed: Fuzzing NVMe-oF/TCP Driver for Linux with Syzkaller

Following research conducted by a colleague of mine [1] at CyberArk Labs, I better understood NVMe-oF/TCP. This kernel subsystem exposes INET socket(s), which can be a fruitful attack surface for...

hardik05Nov 6, 2023
If you want to learn kernel fuzzing try this:
https://github.com/hardik05/Damn_Vulnerable_Kernel_Module
#syzkaller #kafl
GitHub - hardik05/Damn_Vulnerable_Kernel_Module: Damn Vulenerable Kernel Module for kernel fuzzing

Damn Vulenerable Kernel Module for kernel fuzzing. Contribute to hardik05/Damn_Vulnerable_Kernel_Module development by creating an account on GitHub.

GitHub
Ryan Adamson Jul 25, 2023

I’ve been fuzzing the Linux kernel off and on for a few days now — it’s really fun to uncover bugs! There’s an epic battle going on between the fuzzer and the os: Each had made the other crash several times in different ways.
As of now it’s all tied up!

Syzkaller: 3
Kernel: 3

#fuzzing #linux #syzkaller #hpc

0xor0neJun 11, 2023

Excellent blog post for learning Linux kernel internals, networking, fuzzing and syzkaller:

https://xairy.io/articles/syzkaller-external-network

#Linux #kernel #fuzzing #networking #syzkaller #infosec #cybersecurity

0xor0neMar 31, 2023

Great blog post by @andreyknvl for learning Linux kernel internals, networking, fuzzing and syzkaller:

https://xairy.io/articles/syzkaller-external-network

#Linux #kernel #fuzzing #networking #syzkaller #hacking #infosec #cybersecurity

🔍 Looking for Remote Code Execution bugs in the Linux kernel

Using syzkaller to fuzz the Linux kernel network stack externally

Andrey Konovalov
0xor0neMar 30, 2023

Great blog for learning Linux kernel internals, networking, fuzzing and syzkaller:

https://xairy.io/articles/syzkaller-external-network

#Linux #kernel #fuzzing #networking #syzkaller #hacking #infosec #cybersecurity

🔍 Looking for Remote Code Execution bugs in the Linux kernel

Using syzkaller to fuzz the Linux kernel network stack externally

Andrey Konovalov
0xor0neJan 30, 2023

A must read blog post by
Andrey Konovalov for learning Linux kernel networking internals, fuzzing and syzkaller:

https://xairy.io/articles/syzkaller-external-network

#Linux #kernel #fuzzing #networking #syzkaller #hacking #infosec #cybersecurity

🔍 Looking for Remote Code Execution bugs in the Linux kernel

Using syzkaller to fuzz the Linux kernel network stack externally

Andrey Konovalov
0xor0neJan 16, 2023

Couple years old but still a good intro series for learning the basics of syzkaller and Linux kernel fuzzing

Part 1: https://f0rm2l1n.github.io/2021-02-02-syzkaller-diving-01/

Part 2: https://f0rm2l1n.github.io/2021-02-04-syzkaller-diving-02/

Part 3: https://f0rm2l1n.github.io/2021-02-10-syzkaller-diving-03/

#Linux #kernel #fuzzing #syzkaller #infosec

Syzkaller Diving 01

Learn basic KCOV and how fuzzer adopts it

Monte Cristo