SyzBridge

What is SyzBridge

SyzBridge is a research project that adapts Linux upstream PoCs to downstream distributions. It provides rich interfaces that allow you to do a lot of cool things with Syzbot bugs:

  • Bug Reproduce (Upstream/Downstream)
  • VM Management
  • Kernel Tracing
  • Integration with other Syzbot-based tools (SyzScope)

See our paper for more details:

@inproceedings{syzbridge,
  author    = {Xiaochen Zou and Yu Hao and Zheng Zhang and Juefei Pu and Weiteng Chen and Zhiyun Qian},
  title     = {{SyzBridge: Bridging the Gap in Exploitability Assessment of Linux Kernel Bugs in the Linux Ecosystem}},
  booktitle = {31st Annual Network and Distributed System Security Symposium, {NDSS}},
  year      = {2024},
}

Why did we develop SyzBridge

Exploitability assessment is a popular topic in cybersecurity. Most exploitability assessment tools focus primarily on the Linux upstream kernel, which means they rely on the original upstream PoCs. However, only a small portion (19%) of those upstream PoCs can trigger the same bugs on downstream distros. SyzBridge bridges this gap between upstream and downstream by adapting upstream PoCs to downstream distros, giving exploitability assessment tools more bugs they can work with.

How to use

Build your own plugin

It's super easy to integrate other bug assessment tools or build your own plugin on SyzBridge.

Here is a tutorial for building a bug-bisection plugin: BugBisection

Request module fuzzing

We used a customized syzkaller to fuzz request_mod (repo links here).

Quick Start