On Thu, May 13, 2021 at 10:22:05PM -0700, syzscope sys wrote:
> I just found out that Ubuntu is on the CVE CNA list.
> Do you think it's possible that Ubuntu could assign the CVEs for those
> issues directly instead of asking Google? Once the CVE is assigned, it
> should also not only benefit Ubunt
Hi Seth,
I just found out that Ubuntu is on the CVE CNA list.
Do you think it's possible that Ubuntu could assign the CVEs for those
issues directly instead of asking Google? Once the CVE is assigned, it
should also not only benefit Ubuntu but also other potentially affected
kernels.
On Tue, May 1
On Fri, May 07, 2021 at 05:47:51PM -0700, SyzScope wrote:
> This is SyzScope, a research project that aims to reveal high-risk
> primitives from a low-risk bug.
Hello, this is pretty cool stuff. Continuing on 'executing' beyond the
point when ASAN has given up has given some pretty cool results.
Hi developers,
This is SyzScope, a research project that aims to reveal high-risk
primitives from a low-risk bug.
We noticed that Ubuntu did a good jobs of applying patches from
high-risk bugs(CVEs, OOB/UAF write), but in our research, we found some
low-risk bugs even WARNING may compromise
