One Article Review

Home - The article:
Source GoogleSec
Identifier 8614873
Publication date 2024-11-20 11:55:46 (seen: 2024-11-20 18:07:38)
Title Leveling Up Fuzzing: Finding more vulnerabilities with AI
Text Posted by Oliver Chang, Dongge Liu and Jonathan Metzman, Google Open Source Security Team

Recently, OSS-Fuzz reported 26 new vulnerabilities to open source project maintainers, including one vulnerability in the critical OpenSSL library (CVE-2024-9143) that underpins much of internet infrastructure. The reports themselves aren't unusual - we've reported and helped maintainers fix over 11,000 vulnerabilities in the 8 years of the project. But these particular vulnerabilities represent a milestone for automated vulnerability finding: each was found with AI, using AI-generated and enhanced fuzz targets. The OpenSSL CVE is one of the first vulnerabilities in a critical piece of software that was discovered by LLMs, adding another real-world example to a recent Google discovery of an exploitable stack buffer underflow in the widely used database engine SQLite.

This blog post discusses the results and lessons over a year and a half of work to bring AI-powered fuzzing to this point, both in introducing AI into fuzz target generation and expanding this to simulate a developer's workflow. These efforts continue our explorations of how AI can transform vulnerability discovery and strengthen the arsenal of defenders everywhere.

The story so far

In August 2023, the OSS-Fuzz team announced
Rating ★★★
Sent Yes
Tags Tool Vulnerability Threat Patching Technical


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.