Computer fuzzing is a software testing technique used to find vulnerabilities, bugs, or weaknesses in programs by providing random, unexpected, or malformed inputs. The goal is to expose flaws that could lead to crashes, security vulnerabilities, or unintended behaviors.
Fuzzing works by automating the process of input generation, feeding massive volumes of diverse inputs into a program, and monitoring its reactions. When a program behaves unexpectedly—such as crashing, freezing, or throwing an error—the fuzzer logs the input that caused the problem, enabling developers to investigate and fix potential issues.
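The loop just described (generate inputs, run the target, log the input behind each unexpected failure) as an added example, not code from the original page or from the paper discussed below: a minimal mutation-based fuzzer in Python. The toy target `parse_record`, its record format, the seed input and the mutation operators are all constructed here for illustration; the parser's own `ValueError` rejections are treated as expected behaviour, so only other exceptions count as crashes.

```python
import random

def parse_record(data: bytes) -> bytes:
    """Constructed toy target, format [len][payload...][checksum]: it trusts the
    declared length, so a bad length indexes past the buffer (IndexError)."""
    if len(data) < 2:
        raise ValueError("record too short")  # expected rejection, not a bug
    length = data[0]
    payload = data[1:1 + length]
    checksum = data[1 + length]  # bug: no check that 1 + length < len(data)
    if sum(payload) % 256 != checksum:
        raise ValueError("bad checksum")  # also an expected rejection
    return payload

SEED_INPUT = bytes([3]) + b"abc" + bytes([sum(b"abc") % 256])  # valid record
INTERESTING = (0x00, 0x7F, 0x80, 0xFF)  # boundary values worth trying

def mutate(data: bytes, rng: random.Random) -> bytes:
    """Apply 1-3 byte-level mutations: bit flip, insert, delete, boundary value."""
    buf = bytearray(data)
    for _ in range(rng.randint(1, 3)):
        if not buf:
            buf.append(rng.randrange(256))
            continue
        pos = rng.randrange(len(buf))
        op = rng.choice(("flip", "insert", "delete", "interesting"))
        if op == "flip":
            buf[pos] ^= 1 << rng.randrange(8)
        elif op == "insert":
            buf.insert(pos, rng.randrange(256))
        elif op == "delete":
            del buf[pos]
        else:
            buf[pos] = rng.choice(INTERESTING)
    return bytes(buf)

def fuzz(target, seeds, iterations=2000, seed=0, expected=(ValueError,)):
    """Fuzz loop: mutate a seed, run the target, keep the first input for each
    unexpected exception type; `expected` errors are the target's own validation."""
    rng = random.Random(seed)
    crashes: dict[str, bytes] = {}
    for _ in range(iterations):
        data = mutate(rng.choice(seeds), rng)
        try:
            target(data)
        except expected:
            continue
        except Exception as exc:  # unexpected failure: log the triggering input
            crashes.setdefault(type(exc).__name__, data)
    return crashes
```

Running `fuzz(parse_record, [SEED_INPUT])` returns a dictionary mapping each crash type found (here `IndexError`) to the first input that triggered it, which is exactly the artifact a developer would then reproduce and fix.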
The paper "No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions" by Alexander Bulekov and colleagues presents a novel approach to fuzzing the Linux kernel. Traditional kernel fuzzing tools, like syzkaller, rely on predefined system-call descriptions (or grammars) to generate inputs for fuzzing; a description must be written for each interface before it can be fuzzed, which limits the tools' ability to discover new vulnerabilities.
The authors propose a new technique that eliminates the need for system-call descriptions. Instead, their fuzzer generates random sequences of system calls to fuzz the Linux kernel without any hand-written description of those calls. This method simplifies the fuzzing process and increases the potential for uncovering previously unknown bugs, as it can explore a wider range of system behavior without being constrained by predefined input structures.
The paper demonstrates the effectiveness of this approach by successfully discovering several new vulnerabilities in the Linux kernel. This work is important because it shows that fuzzing can be made more flexible and powerful by removing the reliance on detailed system-call grammars, potentially improving the security and robustness of the Linux kernel and other operating systems.