AnyPoC: Universal Proof-Of-Concept Test Generation for Scalable LLM-Based Bug Detection

While recent LLM-based agents can identify many candidate bugs in source code, their reports remain static hypotheses that require manual validation, limiting the practicality of automated bug detection. We frame this challenge as a test generation task: given a candidate report, synthesizing an...

Finding Memory Leaks in C/C++ Programs Via Neuro-Symbolic Augmented Static Analysis

Memory leaks remain prevalent in real-world C/C++ software. Static analyzers such as CodeQL provide scalable program analysis but frequently miss such bugs because they cannot recognize project-specific custom memory-management functions and lack path-sensitive control-flow modeling. We present...

RVISmith: Fuzzing Compilers for RVV Intrinsics

Modern processors are equipped with single instruction multiple data SIMD instructions for fine-grained data parallelism. Compiler auto-vectorization techniques that target SIMD instructions face performance limitations due to insufficient information available at compile time, requiring...

LLM-Based Dynamic Differential Testing for Database Connectors with Reinforcement Learning-Guided Prompt Selection

Database connectors are critical components enabling applications to interact with underlying database management systems DBMS, yet their security vulnerabilities often remain overlooked. Unlike traditional software defects, connector vulnerabilities exhibit subtle behavioral patterns and are...

LASA: Enhancing SoC Security Verification with LLM-Aided Property Generation

Ensuring the security of modern System-on-Chip SoC designs poses significant challenges due to increasing complexity and distributed assets across the intellectual property IP blocks. Formal property verification FPV provides the capability to model and validate design behaviors through security...

OpDiffer: LLM-Assisted Opcode-Level Differential Testing of Ethereum Virtual Machine

As Ethereum continues to thrive, the Ethereum Virtual Machine EVM has become the cornerstone powering tens of millions of active smart contracts. Intuitively, security issues in EVMs could lead to inconsistent behaviors among smart contracts or even denial-of-service of the entire blockchain...

Linux Distros Unpatched Vulnerability : CVE-2024-26685

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix potential bug in endbufferasyncwrite According to a syzbot report, endbufferasyncwrite, which handles the completion of block device writes, may...

CVE-2024-56650 netfilter: x_tables: fix LED ID check in led_tg_check()

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix LED ID check in ledtgcheck Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by task repro/5879 ... Call...

CVE-2024-50225 btrfs: fix error propagation of split bios

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix error propagation of split bios The purpose of btrfsbbiopropagateerror shall be propagating an error of split bio to its original btrfsbio, and tell the error to the upper layer. However, it's not working well on some...

CVE-2024-39488 arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY

In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...

CVE-2021-47542

In the Linux kernel, the following vulnerability has been resolved: net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic83xxaddrings In qlcnic83xxaddrings, the indirect function of ahw-hwops-allocmbxargs will be called to allocate memory for cmd.req.arg, and there is a dereference of it ...

CVE-2021-47542 net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()

In the Linux kernel, the following vulnerability has been resolved: net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic83xxaddrings In qlcnic83xxaddrings, the indirect function of ahw-hwops-allocmbxargs will be called to allocate memory for cmd.req.arg, and there is a dereference of it ...

WebCopilot - An Automation Tool That Enumerates Subdomains Then Filters Out Xss, Sqli, Open Redirect, Lfi, Ssrf And Rce Parameters And Then Scans For Vulnerabilities

WebCopilot is an automation tool designed to enumerate subdomains of the target and detect bugs using different open-source tools. The script first enumerate all the subdomains of the given target domain using assetfinder, sublister, subfinder, amass, findomain, hackertarget, riddler and crt then...

Stable Channel Update for Desktop

The Stable channel has been updated to 119.0.6045.123 for Mac and Linux and 119.0.6045.123/.124 for Windows, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Security Fixes and Rewards Note: Access to bug details and links may be kept...

GitHub Security Lab: [cpp] CWE-787: query to detect unsigned integer to signed integer conversions used in pointer arithmetics

This bug was reported directly to GitHub Security Lab...

Facebook Releases New Tool That Finds Security and Privacy Bugs in Android Apps

Facebook on Wednesday announced it's open-sourcing Mariana Trench, an Android-focused static analysis platform the company uses to detect and prevent security and privacy bugs in applications created for the mobile operating system at scale. "Mariana Trench is designed to be able to scan large...

Interactsh - An OOB Interaction Gathering Server And Client Library

Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external interactions, For example - Blind SQLi, Blind CMDi, SSRF, etc. Features DNS/HTTP/SMTP Interaction support CLI Client / Web Dashboard support AES encryption with zero logging...

GSD-2021-1000330 ethernet:enic: Fix a use after free bug in enic_hard_start_xmit

ethernet:enic: Fix a use after free bug in enichardstartxmit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.38 by commit...

Announcing the Fuzzilli Research Grant Program

Posted by Samuel Groß, Project Zero Project Zero’s mission is to make 0-day hard in order to improve end-user security. We attack this problem in different ways, including supporting other security researchers. While Google currently offers research grants, they are limited to academics and those...

Stable Channel Update for Desktop

The stable channel has been updated to 83.0.4103.116 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain...