[$] Scrutinizing bugs found by syzbot

Post Syndicated from jake original https://lwn.net/Articles/872649/rss

The syzbot
kernel-fuzzing system
finds an enormous number of bugs, but, since many
of them may seem to be of a relatively low severity, they have a lower priority
when contending for the attention of developers. A talk
at the recent Linux
Security Summit North America
reported on some research that
dug further into the bugs that syzbot has
found; the results are rather worrisome. Rather than a pile of
difficult- or impossible-to-exploit bugs, there are numerous, more serious
problems lurking within.