Fuzzing BusyBox: Leveraging LLM and Crash Reuse for Embedded Bug Unearthing

arXiv:2403.03897v1 Announce Type: cross
Abstract: BusyBox, an open-source software bundling over 300 essential Linux commands into a single executable, is ubiquitous in Linux-based embedded devices. Vulnerabilities in BusyBox can have far-reaching consequences, affecting a wide array of devices. This research, driven by the extensive use of BusyBox, delved into its analysis. The study revealed the prevalence of older BusyBox versions in real-world embedded products, prompting us to conduct fuzz testing on BusyBox. Fuzzing, a pivotal software testing method, aims to …

array arxiv bug busybox can consequences crash cs.cr cs.se devices embedded embedded devices far fuzzing linux linux commands llm open-source software research reuse single software vulnerabilities