QMSan: Efficiently Detecting Uninitialized Memory Errors During Fuzzing

Matteo Marini

Network and Distributed System Security (NDSS) Symposium 2025 · Day 3 · Fuzzing 2

In the realm of software security, **Use of Uninitialized Memory (UUM)** errors are a particularly insidious class of vulnerabilities. They occur when a program reads from a memory location (on the stack or the heap) that has been allocated but never written, so the value it consumes is whatever the previous occupant of that memory left behind. The result is nondeterministic behavior, crashes, leakage of stale data such as pointers or key material, or conditions an attacker can steer toward exploitation. Matteo Marini's talk, "QMSan: Efficiently Detecting Uninitialized Memory Errors During Fuzzing," introduces a novel binary-level detector designed to overcome the significant limitations of existing UUM detection tools, particularly for large-scale fuzzing of closed-source or complex software.
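To make the error class concrete, the following is an added example written for this page, not code from the talk or from QMSan. It models, in a few dozen lines, the shadow-memory approach that uninitialized-memory detectors in this family (MemorySanitizer, Valgrind's memcheck) use: every allocated byte starts "poisoned", a store clears the poison for the bytes it writes, a copy moves the poison along with the data, and a report fires only when a poisoned value is actually used (branch, return value, syscall argument). The tracked arena, its size, and all helper names (`sh_alloc`, `sh_store`, `sh_copy`, `sh_use`) are assumptions made for the illustration; the record layout with two bytes of trailing padding is a constructed input.

```c
/* Added illustration of shadow-memory tracking for uninitialized reads.
 * Example code for this page, not QMSan's implementation; the arena size and
 * helper names are assumptions. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ARENA_SIZE 64

static uint8_t arena[ARENA_SIZE];   /* the "application" memory being tracked */
static uint8_t shadow[ARENA_SIZE];  /* 1 = byte has never been written */
static int reports;                 /* number of UUM reports raised so far */

/* Allocation: every byte starts poisoned, like a fresh malloc() or stack frame. */
static void sh_alloc(size_t off, size_t len) {
    memset(&shadow[off], 1, len);
}

/* Store: the bytes actually written become initialized; nothing else does. */
static void sh_store(size_t off, const void *src, size_t len) {
    memcpy(&arena[off], src, len);
    memset(&shadow[off], 0, len);
}

/* Copy within tracked memory: the poison travels with the data. Copying an
 * uninitialized byte is not itself reported; the report is deferred until the
 * value is used, which keeps false positives down (memcpy of a padded struct
 * is common and harmless until the bytes leave the process). */
static void sh_copy(size_t dst, size_t src, size_t len) {
    memmove(&arena[dst], &arena[src], len);
    memmove(&shadow[dst], &shadow[src], len);
}

/* Use: the value influences control flow, is returned, or is passed to the
 * kernel. Returns the number of poisoned bytes in the range; > 0 is a UUM. */
static size_t sh_use(const char *what, size_t off, size_t len) {
    size_t poisoned = 0;
    for (size_t i = 0; i < len; i++)
        poisoned += shadow[off + i];
    if (poisoned) {
        reports++;
        fprintf(stderr, "UUM: %s uses %zu uninitialized byte(s) at offset %zu\n",
                what, poisoned, off);
    }
    return poisoned;
}

/* Constructed scenario: an 8-byte record {uint32_t id; uint16_t flags; 2 bytes
 * of padding} is allocated, its named fields are filled in, it is memcpy'd
 * into a send buffer, and the whole buffer is handed to send(). The padding
 * bytes are never written, so two bytes of stale memory would leak. */
size_t scenario_partial_init(void) {
    uint32_t id = 7;
    uint16_t flags = 0x10;
    sh_alloc(0, 8);
    sh_store(0, &id, 4);
    sh_store(4, &flags, 2);          /* offsets 6 and 7 stay poisoned */
    sh_copy(16, 0, 8);               /* copy into the send buffer: no report yet */
    return sh_use("send(record)", 16, 8);   /* reports 2 poisoned bytes */
}

/* Hardened variant: zero the whole record before filling fields, the usual
 * fix for padding leaks (a memset or a zero-initializer on the struct). */
size_t scenario_fully_init(void) {
    uint8_t zero[8] = {0};
    uint32_t id = 7;
    uint16_t flags = 0x10;
    sh_alloc(32, 8);
    sh_store(32, zero, 8);           /* every byte written once */
    sh_store(32, &id, 4);
    sh_store(36, &flags, 2);
    return sh_use("send(record)", 32, 8);   /* reports 0 */
}

int uum_report_count(void) {
    return reports;
}

int main(void) {
    printf("partial init: %zu poisoned byte(s)\n", scenario_partial_init());
    printf("full init:    %zu poisoned byte(s)\n", scenario_fully_init());
    printf("reports raised: %d\n", uum_report_count());
    return 0;
}
```

The deferred-report design is the important detail for fuzzing: reporting on every read of a poisoned byte (as a naive checker would) drowns the fuzzer in benign copies of padded structs, while reporting only on use pinpoints the place where stale data actually reaches a branch or a syscall. Source-level tools get this shadow propagation from the compiler (`clang -fsanitize=memory`); the talk's contribution is doing comparable tracking on a binary, without recompilation, at a cost low enough to keep inside the fuzzing loop.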

AI review

Solid, original systems research that fills a real gap: binary-level UUM detection fast enough to actually run inside a fuzzing loop. The multi-layered opportunistic/accurate detector architecture is the kind of engineering tradeoff that takes real work to get right, and 44 new bugs plus CVEs is a credible proof that it isn't just a prototype.
