No Fuzzer has been there yet

Finding Bugs in Linux Wireless Stacks


Video duration: Not yet available
Language: English
Abstract
Everything started with a Python script that helped discover a memory leak in the Linux Bluetooth stack. After expanding it into a rock-solid fuzzer targeting the Linux Bluetooth stack and discovering more bugs, we extended it to Wi-Fi. 💥 BOOM 💥! A heap overflow (CVE-2022-41674) and more severe vulnerabilities that do not require user interaction and also affect Android devices.

This talk introduces how (kernel) fuzzing works and, specifically, how our fuzzer for Linux wireless interfaces works. I will show some issues we stumbled upon and how we solved them. Finally, I discuss some of the vulnerabilities it found and provide some insight into the disclosure process.

This talk is beginner-friendly: if you have never heard of fuzzing or have no prior knowledge of security, don't worry, but please come along and you will learn something new and interesting. :)

Talk ID: jev22-49248
Event: jev22
Day: 4
Room: HIP1
Start: 7 p.m.
Duration: 01:00:00
Track: E.T.I.
Type of Talk: Talk
Speaker: Sönke
Talk Slug & media link: jev22-49248-no_fuzzer_has_been_there_yet

The video is not yet available