9 matches found
EUVD-2026-32454
In the Linux kernel, the following vulnerability has been resolved: ntfs3: add buffer boundary checks to rununpack rununpack checks runbuf runlast at the top of the while loop but then reads sizesize and offsetsize bytes via rununpacks64 without verifying they fit within the remaining buffer. A...
Rust and Go Directed Fuzzing with LibAFL-DiFuzz
In modern SSDLC, program analysis and automated testing are essential for minimizing vulnerabilities before software release, with fuzzing being a fast and widely used dynamic testing method. However, traditional coverage-guided fuzzing may be less effective in specific tasks like verifying stati...
libafl has unsound usages of `core::slice::from_raw_parts_mut`
The library breaks the safety assumptions when using unsafe API slice::fromrawpartsmut. The pointer passed to fromrawpartsmut is misaligned by casting u8 to u16 raw pointer directly, which is unsound. The bug is patched by using alignoffset, which could make sure the memory address is aligned to ...
libafl_qemu (>=0.10.0 <=0.10.1), libafl_sugar (>=0.10.0 <=0.11.0) +2 more potentially affected by unknown CVE via libafl (>=0.10.1 <=0.11.0)
libafl CARGO version =0.10.1, =0.10.0, =0.10.0, =0.10.0, =0.10.0, =0.10.1 Source cves: unknown CVE Source advisory: OSV:GHSA-F7QJ-V3VP-4856...
GHSA-F7QJ-V3VP-4856 libafl has unsound usages of `core::slice::from_raw_parts_mut`
The library breaks the safety assumptions when using unsafe API slice::fromrawpartsmut. The pointer passed to fromrawpartsmut is misaligned by casting u8 to u16 raw pointer directly, which is unsound. The bug is patched by using alignoffset, which could make sure the memory address is aligned to ...
PT-2024-40265 · Libafl · Libafl
Name of the Vulnerable Software and Affected Versions: LibAFL versions prior to 0.11.2 Description: The issue arises from the misuse of the slice::from raw parts mut API, where a pointer is misaligned due to a direct cast from u8 to u16 raw pointer, leading to unsound behavior. The problem is...
libafl_qemu (>=0.10.0 <=0.10.1), libafl_sugar (>=0.10.0 <=0.11.0) +2 more potentially affected by unknown CVE via libafl (>=0.10.1 <=0.11.0)
libafl CARGO version =0.10.1, =0.10.0, =0.10.0, =0.10.0, =0.10.0, =0.10.1 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0424...
PT-2024-40967 · Libafl · Libafl
Name of the Vulnerable Software and Affected Versions: LibAFL versions prior to 0.11.2 Description: The issue arises from the misuse of the slice::from raw parts mut API, where a pointer is misaligned due to a direct cast from u8 to u16 raw pointer, leading to unsound behavior. The problem is...
LibAFL - Advanced Fuzzing Library - Slot Your Fuzzer Together In Rust! Scales Across Cores And Machines. For Windows, Android, MacOS, Linux, No_Std, ...
Advanced Fuzzing Library - Slot your own fuzzers together and extend their features using Rust. LibAFL is written and maintained by Andrea Fioraldi [email protected] and Dominik Maier [email protected]. Why LibAFL? LibAFL gives you many of the benefits of an off-the-shelf fuzzer, while...