Knowing the exploitability and severity of software vulnerabilities helps practitioners
prioritize vulnerability mitigation efforts. Researchers have proposed and evaluated many …

Fuzzing has played an important role in improving software development and testing over
the course of several decades. Recent research in fuzzing has focused on applications of …

Nowadays, dynamic testing tools have significantly expedited the discovery of bugs in the
Linux kernel. When unveiling kernel bugs, they automatically generate reports, specifying …

The monolithic nature of modern OS kernels leads to a constant stream of bugs being
discovered. It is often unclear which of these bugs are worth fixing, as only a subset of them …

A large number of memory corruption vulnerabilities, eg, heap overflow and use after free
(UAF), could only be exploited in specific heap layouts via techniques like heap feng shui …

To determine the exploitability for a kernel vulnerability, a secu-rity analyst usually has to
manipulate slab and thus demonstrate the capability of obtaining the control over a program …

The dynamic of the Linux kernel heap layout significantly impacts the reliability of kernel
heap exploits, making exploitability assessment challenging. Though techniques have been …

Automatic exploit generation is a challenging problem. A challenging part of the task is to
connect an identified exploitable state (exploit primitive) to triggering execution of code …

Recent research has proposed various methods to perform kernel exploitation and bypass
kernel protection. For example, security researchers have demonstrated an exploitation …

Heap metadata attacks have become one of the primary ways in which attackers exploit
memory corruption vulnerabilities. While heap implementation developers have introduced …