MOCK: Optimizing Kernel Fuzzing Mutation with Context-aware Dependency
Jiacheng Xu
Network and Distributed System Security (NDSS) Symposium 2024 · Day 3 · Kernel Fuzzing
Modern operating system **kernels** are the bedrock of computing: they manage hardware and software resources and provide a secure platform for applications. However, their immense complexity, with vast codebases and intricate architectures, makes them a perennial source of **vulnerabilities**. For instance, in 2022 alone, 288 Linux kernel vulnerabilities were reported, with an average **CVSS score** of 6.5; over the past five years, the annual average was 196 vulnerabilities. These flaws present critical attack vectors, potentially leading to sensitive data exposure, system disruption, or full system compromise. **Coverage-guided fuzzing**, which generates diverse inputs to explore code paths, has emerged as a leading technique for discovering such vulnerabilities and has demonstrated significant success in complex real-world systems.