To test the viability of our framework, we fuzzed over one hundred packages from the Arch Linux package repository with essentially zero effort. After only a few days, we already found 11 crashes, six of which were exploitable.

By Bhargava Shastry + Dominik Maier + Vincent Ulitzsch

Full abstract and materials:

Posted by Charlie