During our recent fuzzing efforts on various subsystems of the Linux kernel, we encountered a kernel panic. Interestingly, the kernel panic that exposed the vulnerability was not directly related to the input seed generated by our fuzzer. Instead, it was the fuzzer’s activity itself that inadvertently triggered the bug. Although the initial sample generated by the fuzzer didn’t provide a direct proof of concept (PoC), a thorough analysis of the panic log enabled us to develop a PoC for th...
