Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Razzer - Finding Kernel Race Bugs through Fuzzing

IEEE via YouTube

Overview

Explore a cutting-edge approach to identifying kernel race bugs through fuzzing in this 20-minute IEEE conference talk. Delve into the innovative Razzer tool, designed to efficiently detect data races in kernel systems. Learn how static analysis and deterministic thread interleaving techniques are combined to guide fuzz testing towards potential race conditions. Discover the impact of Razzer's implementation on the latest Linux kernel versions, uncovering 30 new races with 16 confirmed and patched by developers. Gain insights into the tool's design, implementation, and evaluation, including a comparison with Syzkaller. Understand the critical importance of addressing kernel race bugs for system reliability and security, including their potential for privilege escalation attacks.

Syllabus

Intro
Kernel Vulnerability
Inefficient Fuzzing for Race Bugs
Our approach: Razzer
Design Overview
Static Analysis: Example
Single-thread Fuzzing
Transformation to Multi-thread Input
Multi-thread Fuzzing
Implementation
Evaluation: Comparison with Syzkaller
Conclusion

Taught by

IEEE Symposium on Security and Privacy

Reviews

Start your review of Razzer - Finding Kernel Race Bugs through Fuzzing

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.