To all my fuzzing friends, @jeffball55 wrote up an article on using AFL and KLEE to go after the Linux kernel. https://blog.grimm-co.com/post/analyzing-the-linux-kernel-in-userland-with-afl-and-klee/ … He found an out of bounds read in the ASN.1 decoder which still exists on RHEL 7 despite being patched in the mainline kernel a couple years ago.
-
-
Honestly, I'm not as certain about that either. It surely has different things that haven't been fixed, but whether the older base kernel (upon which there are a bunch of updates) outweighs bugs *introduced* in newer kernel versions and the added attack surface there...
-
Someone would need to do a serious study of it
