SyzBridge is a research project that adapts Linux upstream PoCs to downstream distributions. It provides rich interfaces that allow you to do a lot of cool things with Syzbot bugs
- Bug Reproduce (Upstream/Downstream)
- VM Management
- Kernel Tracing
- Integration with other Syzbot-based tools SyzScope
Access to our paper for more details
@inproceedings{syzbridge,
author = {Xiaochen Zou and Yu Hao and Zheng Zhang and Juefei Pu and Weiteng Chen and Zhiyun Qian},
title = {{SyzBridge: Bridging the Gap in Exploitability Assessment of Linux Kernel Bugs in the Linux Ecosystem}},
booktitle = {31st Annual Network and Distributed System Security Symposium, {NDSS}},
year = {2024},
}
Exploitability assessment is a popular topic in cybersecurity. Most exploitability assessment tools primarily focus on Linux upstream kernel, which means they rely on original upstream PoCs. However, only a small portion (19%) of those upstream PoCs can trigger the same bugs on downstream distros. SyzBridge provides a capability to bridge this gap between upstream and downstream, adapting the upstream PoCs to downstream, providing more possibility to exploitability assessment tools.
It's super easy to integrate other bug assessment tools or build your own plugin on SyzBridge.
Here is a tutorial for building a bug-bisection plugin: BugBisection
We used a customized syzkaller to fuzz request_mod
repo links here