Waltzz: WebAssembly Runtime Fuzzing with Stack-Invariant Transformation

Lingming Zhang

34th USENIX Security Symposium (USENIX Security '25) · Day 3 · Software Security 3: Fuzzing

This talk introduces **Waltzz**, a domain-specific fuzzer for WebAssembly (Wasm) runtimes. Presented by Lingming Zhang (University of Illinois Urbana-Champaign), Waltzz targets the bugs that matter most in Wasm execution environments: flaws in the runtime or its JIT compiler that lead to remote code execution or sandbox escape. Wasm is a compact binary instruction format with a typed operand stack; code compiled from many source languages runs on it at near-native speed in browsers and, through standalone engines such as Wasmtime and Wasmer, on servers and edge platforms. Because the runtime is the isolation boundary between untrusted Wasm code and the host, a bug in it undermines the sandbox guarantee that every application built on Wasm relies on.
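
Neither the title nor the abstract above spells out what a stack-invariant transformation is. The following is an added illustration, not Waltzz's code: it reads "stack-invariant" as "an instruction sequence whose net effect on the typed operand stack is empty" (an assumption about the paper's term) and shows why such sequences can be spliced at any point of a function body while keeping the module valid. The opcode subset, the `type_stack` checker, the splicing mutator, the seed function and the candidate snippets are all constructed here and are not from the paper.

```python
"""Added illustration of a stack-invariant transformation over a tiny Wasm subset.

Everything here is constructed for this page: the opcode table, the checker and
the snippets are not Waltzz's code, and "stack-invariant" is read here as
"net operand-stack type effect is empty", which is an assumption.
"""
import random

# Typing rules for the subset: mnemonic -> (types popped, types pushed), listed
# bottom-to-top. Immediates (constants, local indices) do not affect typing.
OPS = {
    "i32.const": ((), ("i32",)),
    "i64.const": ((), ("i64",)),
    "f64.const": ((), ("f64",)),
    "i32.add": (("i32", "i32"), ("i32",)),
    "i32.mul": (("i32", "i32"), ("i32",)),
    "i32.xor": (("i32", "i32"), ("i32",)),
    "i64.add": (("i64", "i64"), ("i64",)),
    "f64.neg": (("f64",), ("f64",)),
    "i32.wrap_i64": (("i64",), ("i32",)),
    "i64.extend_i32_u": (("i32",), ("i64",)),
    "f64.convert_i32_s": (("i32",), ("f64",)),
}


def type_stack(body, local_types=(), start=()):
    """Return the operand-stack types left after `body`, starting from `start`.

    Raises ValueError on stack underflow, a type mismatch, a bad local index or an
    unknown mnemonic: the conditions for which a runtime's validator rejects a
    module. `drop` and the `local.*` ops are context-dependent, so they are
    handled inline rather than through the OPS table.
    """
    stack = list(start)
    for instr in body:
        op, *imm = instr.split()
        if op == "drop":
            if not stack:
                raise ValueError(f"underflow at '{instr}'")
            stack.pop()
        elif op in ("local.get", "local.set", "local.tee"):
            idx = int(imm[0])
            if idx >= len(local_types):
                raise ValueError(f"bad local index at '{instr}'")
            t = local_types[idx]
            if op == "local.get":
                stack.append(t)
            else:
                if not stack or stack[-1] != t:
                    raise ValueError(f"type mismatch at '{instr}', stack={stack}")
                if op == "local.set":
                    stack.pop()
        elif op in OPS:
            pops, pushes = OPS[op]
            n = len(stack) - len(pops)
            if n < 0 or tuple(stack[n:]) != pops:
                raise ValueError(f"type mismatch at '{instr}', stack={stack}")
            del stack[n:]
            stack.extend(pushes)
        else:
            raise ValueError(f"unknown mnemonic '{op}'")
    return stack


def is_stack_invariant(snippet, local_types=()):
    """True if the snippet, run on an empty stack, never underflows and leaves it
    empty. Such a snippet only touches values it pushed itself, so it can be
    spliced at any instruction boundary of any valid body without changing the
    body's typing."""
    try:
        return type_stack(snippet, local_types) == []
    except ValueError:
        return False


def splice_invariant(body, snippets, rng, local_types=()):
    """One mutation step: pick a stack-invariant snippet and insert it at a random
    instruction boundary of `body`. Non-invariant snippets are filtered out first."""
    candidates = [s for s in snippets if is_stack_invariant(s, local_types)]
    snippet = rng.choice(candidates)
    pos = rng.randrange(len(body) + 1)
    return body[:pos] + list(snippet) + body[pos:]


def mutate_and_validate(body, snippets, local_types, rounds, seed=0):
    """Apply `rounds` splices and re-validate after each. Returns the final mutant
    and whether every intermediate mutant typed to the same result stack."""
    rng = random.Random(seed)
    expected = type_stack(body, local_types)
    ok = True
    for _ in range(rounds):
        body = splice_invariant(body, snippets, rng, local_types)
        ok = ok and type_stack(body, local_types) == expected
    return body, ok


# Constructed seed function: (param i32 i32) -> i32, computing (a*b) + (a xor b).
# In Wasm the parameters are locals 0 and 1.
SEED_BODY = ["local.get 0", "local.get 1", "i32.mul",
             "local.get 0", "local.get 1", "i32.xor", "i32.add"]
SEED_LOCALS = ("i32", "i32")

# Constructed candidate snippets. The last two are deliberately NOT invariant and
# must be rejected by the filter; the local.tee one is invariant only when a
# local of the right type exists. Type-invariance says nothing about values: the
# local.tee snippet happens to preserve local 0, whereas "i32.const 0" followed by
# "local.set 0" would also be type-invariant yet change the function's result.
SNIPPETS = [
    ["i32.const 7", "drop"],
    ["i64.const 3", "i64.const 4", "i64.add", "drop"],
    ["f64.const 1.5", "f64.neg", "drop"],
    ["i32.const 5", "i64.extend_i32_u", "i32.wrap_i64", "drop"],
    ["local.get 0", "local.tee 0", "drop"],
    ["i32.const 1", "i32.const 2", "i32.add"],   # leaves an i32 behind
    ["drop"],                                    # underflows
]

if __name__ == "__main__":
    mutant, valid = mutate_and_validate(SEED_BODY, SNIPPETS, SEED_LOCALS, rounds=5, seed=1)
    print("\n".join(mutant))
    print("all mutants valid:", valid)
```

The filter is the practical point: a Wasm runtime validates a module before it compiles or executes it, so a mutation that breaks operand-stack typing is rejected at the front door and never reaches the compiler and execution tiers a runtime fuzzer wants to exercise. Type-invariance is not value-invariance, so a fuzzer that also wants a differential oracle across engines needs a stricter filter (for example, snippets that only read locals, or that write only scratch locals) than the one shown here.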

AI review

Waltzz is legitimate, well-scoped fuzzing research with a clean core insight — stack-invariant transformation — that directly solves a real problem nobody had nailed cleanly before. 17 CVEs across SpiderMonkey, V8, JSC, Wasmtime, and Wasmer is not a rounding error; that's a result that earns the stage. The work is reproducible, the evaluation methodology is solid, and the contribution is clearly the team's own.
